ACME Labs thttpd跨站脚本执行漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1106704 漏洞类型 未知
发布时间 2002-04-25 更新时间 2006-08-03
CVE编号 CVE-2002-0733 CNNVD-ID CNNVD-200208-238
漏洞平台 Linux CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/21422
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200208-238
|漏洞详情
thttpd是一款由ACME工作室维护的WEB服务程序,可使用在BSD、Solaris、Linux操作系统下。thttpd对用户提交的URL请求数据缺少正确充分的检查,可导致攻击者进行跨站脚本执行攻击。当thttpd产生错误页面信息时,没有正确检查提供在URL的脚本代码,可导致攻击者在提交的URL中插入恶意脚本代码,当其他用户查看此链接的时候,恶意脚本代码可以thttpd站点上下文在用户浏览器中执行,导致用户基于Cookie认证的信息泄露给攻击者。此漏洞在2.20b版本上测试成功,其他版本也可能存在此问题。
|漏洞EXP
source: http://www.securityfocus.com/bid/4601/info

thttpd is a web server product maintained by ACME Labs. thttpd has been compiled for Linux, BSD and Solaris, as well as other Unix like operating systems.

Cross Site Scripting issues has been reported in some versions of thttpd. thttpd fails to check URLs for the presence of script commands when generating error pages, allowing the attacker-supplied code to execute within the context of the hosted site.

It should be noted that this issue was tested on 2.20b, other versions may also be affected by this issue. 

http://www.host.com/<script>[SCRIPT]</script>
|参考资料

来源:BID
名称:4601
链接:http://www.securityfocus.com/bid/4601
来源:XF
名称:thttpd-error-page-css(9029)
链接:http://www.iss.net/security_center/static/9029.php
来源:www.ifrance.com
链接:http://www.ifrance.com/kitetoua/tuto/5holes1.txt
来源:www.acme.com
链接:http://www.acme.com/software/thttpd/#releasenotes
来源:VULNWATCH
名称:20020417Smallsholeson5products#1
链接:http://archives.neohapsis.com/archives/vuln-dev/2002-q2/0155.html
来源:OSVDB
名称:5125
链接:http://www.osvdb.org/5125