iPlanet Certificate Management System and Directory Server Directory Traversal Vulnerability

Vulnerability ID: 1106053 | Vulnerability type: Path traversal
Published: 2000-10-25 | Updated: 2006-08-31
CVE ID: CVE-2000-1075 | CNNVD-ID: CNNVD-200012-071
Platform: Windows | CVSS score: 5.0
|Vulnerability source
https://www.exploit-db.com/exploits/20324
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200012-071
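|Vulnerability details
iPlanet Certificate Management System 4.2 and Directory Server 4.12 contain a directory traversal vulnerability. A remote attacker can read arbitrary files by means of a .. (dot dot) attack against the Agent, End Entity, or Administrator services.
|Vulnerability EXP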
source: http://www.securityfocus.com/bid/1839/info


Access to known files outside of the web root is possible through directory traversal techniques in both iPlanet Certificate Management System (CMS) and Directory Server. This is made possible through the use of "\../" in an HTTP request. The following services are affected by this vulnerability:

- The Agent services server on port 8100/tcp
- The End Entity services server on port 443/tcp (Accessible through SSL)
- The Administrator services server on a random port configured during installation.

https://target/ca/\../\../\../\file.ext
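
The following is an added example, not code from the advisory or from iPlanet. It shows why the "\../" form matters on Windows, where both "/" and "\" are path separators: a check that splits only on "/" sees no ".." segment, while resolving the path with Windows rules and testing containment rejects it. The document root `C:\srv\docroot` and the function names are assumptions made for the example.

```python
import ntpath
from urllib.parse import unquote

DOC_ROOT = r"C:\srv\docroot"  # hypothetical document root (assumption)

def slash_only_check(url_path):
    """Contrast case: accept unless a '..' segment appears after splitting on '/' only.

    Not claimed to be what the affected servers did; it only shows what a
    forward-slash-only view of the path looks like.
    """
    return ".." not in unquote(url_path).split("/")

def resolve_under_root(url_path, root=DOC_ROOT):
    """Resolve a request path with Windows rules; return None if it leaves root."""
    # Decode first, then drop leading separators so join() cannot discard root.
    relative = unquote(url_path).lstrip("/\\")
    # ntpath treats '/' and '\' as separators, as Windows does, and gives
    # the same result on any host OS.
    candidate = ntpath.normcase(ntpath.normpath(ntpath.join(root, relative)))
    base = ntpath.normcase(ntpath.normpath(root))
    if candidate == base or candidate.startswith(base + "\\"):
        return candidate
    return None

# Constructed request paths; the second is the pattern quoted in this advisory.
SAMPLES = [
    "/ca/index.html",
    "/ca/\\../\\../\\../\\file.ext",
    "/ca/docs/../index.html",  # '..' that stays inside the root
]

def classify(paths=SAMPLES):
    """Return (path, slash-only verdict, resolved path or None) for each sample."""
    return [(p, slash_only_check(p), resolve_under_root(p)) for p in paths]

if __name__ == "__main__":
    for path, naive_ok, resolved in classify():
        print(f"{path!r}: slash-only check passes={naive_ok}, resolved={resolved}")
```

The slash-only check accepts the advisory's pattern and rejects the harmless third path, while the containment check gets both right.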
|References

Source: BID
Name: 1839
Link: http://www.securityfocus.com/bid/1839
Source: XF
Name: iplanet-netscape-directory-traversal
Link: http://xforce.iss.net/static/5421.php
Source: www.iplanet.com
Link: http://www.iplanet.com/downloads/patches/0122.html
Source: OSVDB
Name: 486
Link: http://www.osvdb.org/486
Source: OSVDB
Name: 4086
Link: http://www.osvdb.org/4086
Source: BUGTRAQ
Name: 20001026 [CORE SDI ADVISORY] iPlanet Certificate Management System 4.2 path traversal bug
Link: http://archives.neohapsis.com/archives/bugtraq/2000-10/0383.html