Perl web服务器目录遍历漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1106320 漏洞类型 路径遍历
发布时间 2001-04-24 更新时间 2005-05-02
CVE编号 CVE-2001-0462 CNNVD-ID CNNVD-200106-139
漏洞平台 Multiple CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/20797
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200106-139
|漏洞详情
Perlweb服务器0.3及其早期版本存在目录遍历漏洞。远程攻击者可以借助URL中的..(点点)读取任意文件。
|漏洞EXP
source: http://www.securityfocus.com/bid/2648/info

Perl Web Server, an experimental cross-platform web server project, does not prevent a remote user from requesting documents outside the ServerRoot (location of the virtual / directory).

This means that if an attacker knows the location of a sensitive file relative to the ServerRoot, he can retrieve the contents of the file by making an HTTP request containing the relative path. 

o retrieve /etc/password from a vulnerable host, request:

http://www.server.com/../../../../etc/passwd

The number of ../ path characters will depend on the ServerRoot (location of the virtual / directory) setting.
|参考资料

来源:BID
名称:2648
链接:http://www.securityfocus.com/bid/2648
来源:BUGTRAQ
名称:20010424Advisoryforperlwebserver
链接:http://archives.neohapsis.com/archives/bugtraq/2001-04/0426.html
来源:XF
名称:perl-webserver-directory-traversal(6451)
链接:http://xforce.iss.net/static/6451.php