RobTex Viking Web服务器目录遍历漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1106317 漏洞类型 路径遍历
发布时间 2001-04-23 更新时间 2005-05-02
CVE编号 CVE-2001-0467 CNNVD-ID CNNVD-200106-122
漏洞平台 Windows CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/20793
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200106-122
|漏洞详情
RobTexVikingWeb服务器1.07-381之前版本存在目录遍历漏洞。远程攻击者可以借助HTTPURL请求中的\...(修改过的点点)读取任意文件。
|漏洞EXP
source: http://www.securityfocus.com/bid/2643/info

The Viking Server is a freely available software package maintained and distributed by Robtex. The Viking Server provides multiple protocol service on Windows 95, 98, and NT systems.

A problem in the software package could make it possible for remote users to gain access to sensitive system files. Due to the improper handling of relative paths by the HTTP serving portion of the Viking Server, a user requesting a relative path such as "\...\" can gain access to the root directory, breaking out of the webroot.

This problem makes it possible for remote user to gain access to sensitive system files, and potentially local access. 

http://vulnerable.system/\...\
|参考资料

来源:BID
名称:2643
链接:http://www.securityfocus.com/bid/2643
来源:BUGTRAQ
名称:20010423VulnerabilityinVikingWebServer
链接:http://www.securityfocus.com/archive/1/178935
来源:www.robtex.com
链接:http://www.robtex.com/files/viking/beta/chglog.txt
来源:XF
名称:viking-dot-directory-traversal(6450)
链接:http://xforce.iss.net/static/6450.php