MIMAnet viewsrc.cgi目录遍历漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1106350 漏洞类型 路径遍历
发布时间 2001-05-23 更新时间 2005-05-02
CVE编号 CVE-2001-0630 CNNVD-ID CNNVD-200108-117
漏洞平台 CGI CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/20878
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200108-117
|漏洞详情
MIMAnetviewsrc.cgi2.0版本存在目录遍历漏洞。远程攻击者可以借助'loc'变量的'..'(点点)攻击读取任意文件。
|漏洞EXP
source: http://www.securityfocus.com/bid/2762/info

MIMAnet Source Viewer is a freely available CGI script which allows users to view the source code of files located elsewhere on the server.

Source Viewer accepts an argument, 'loc', which it uses as the filename when opening the requested file. Unfortunately it does not filter '..' and '/' characters, which can be misinterpreted by the script and cause files outside of the intended directory to be opened. As a result, it may be possible for attackers to view the contents of arbitrary webserver-readable files on the filesystem.

The following URL demonstrates the problem:

http://localhost/cgi-bin/viewsrc.cgi?
loc=../[any file outside restricted directory]
|参考资料

来源:BID
名称:2762
链接:http://www.securityfocus.com/bid/2762
来源:BUGTRAQ
名称:20010523Vulnerabilityinviewsrc.cgi
链接:http://archives.neohapsis.com/archives/bugtraq/2001-05/0231.html
来源:XF
名称:viewsrc-cgi-view-files(6583)
链接:http://xforce.iss.net/static/6583.php
来源:OSVDB
名称:5565
链接:http://www.osvdb.org/5565