NewAtlanta ServletExec/ISAPI路径泄露漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1106739 漏洞类型 未知
发布时间 2002-05-22 更新时间 2005-05-02
CVE编号 CVE-2002-0892 CNNVD-ID CNNVD-200210-077
漏洞平台 Windows CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/21469
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200210-077
|漏洞详情
ServletExec/ISAPI是一款运行在MicrosoftIISWEB平台下的JavaServlet/JSP引擎插件,可使用在MicrosoftWindowsNT/2000/XP系统下的IISWEB服务程序中。ServletExec/ISAPI对用户提交的没有文件名的URL请求处理不够正确,可导致远程攻击者获得系统中Web主目录安装路径信息。远程攻击者可以通过直接请求调用'com.newatlanta.servletexec.JSP10Servlet'类而不带任何文件名,服务程序就会返回包含Web主目录安装路径信息的错误给客户端,攻击者可以利用此漏洞得到的信息对系统进一步进行攻击。
|漏洞EXP
source: http://www.securityfocus.com/bid/4793/info

ServletExec/ISAPI is a plug-in Java Servlet/JSP engine for Microsoft IIS. It runs with IIS on Microsoft Windows NT/2000/XP systems.

ServletExec/ISAPI discloses the absolute path to the webroot directory when sent a specially formatted request without a trailing filename.

This type of sensitive information may aid in further attacks against the host running the vulnerable software.

http://target/servlet/com.newatlanta.servletexec.JSP10Servlet/
|参考资料

来源:BID
名称:4793
链接:http://www.securityfocus.com/bid/4793
来源:XF
名称:servletexec-jsp10servlet-path-disclosure(9139)
链接:http://www.iss.net/security_center/static/9139.php
来源:www.newatlanta.com
链接:http://www.newatlanta.com/do/findFaq?faq_id=151
来源:BUGTRAQ
名称:20020522MultiplevulnerabilitiesinNewAtlantaServletExecISAPI4.1
链接:http://online.securityfocus.com/archive/1/273615
来源:VULNWATCH
名称:20020522[VulnWatch]MultiplevulnerabilitiesinNewAtlantaServletExecISAPI4.1
链接:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0077.html