Sambar Server多个漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1107978 漏洞类型 跨站脚本
发布时间 2004-06-01 更新时间 2006-01-24
CVE编号 CVE-2004-2564 CNNVD-ID CNNVD-200412-302
漏洞平台 Windows CVSS评分 4.3
|漏洞来源
https://www.exploit-db.com/exploits/24161
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200412-302
|漏洞详情
Windows中的SambarServer6.1Beta2,可能还有Linux中的其他版本存在多个跨站脚本(XSS)漏洞。远程攻击者借助(1)show.asp的中的show参数和(2)showperf.asp中的title参数注入任意web脚本或者HTML。
|漏洞EXP
source: http://www.securityfocus.com/bid/10444/info

Sambar Server is reportedly prone to multiple vulnerabilities. These issues may allow an attacker to access sensitive files and carry out directory traversal and cross-site scripting attacks.

These issues require an attacker to have administrative privileges, however, it is reported that an administrative password is not set on the server by default. An administrator who is not intended to have certain privileges may also exploit these vulnerabilities.

Sambar 6.1 Beta 2 is reported to be prone to these issues, however, it is likely that other versions are affected as well.

http://www.example.com/sysadmin/system/show.asp?show=<script>alert("oops")</script>
|参考资料

来源:XF
名称:sambar-show-showperf-xss(16286)
链接:http://xforce.iss.net/xforce/xfdb/16286
来源:BID
名称:10444
链接:http://www.securityfocus.com/bid/10444
来源:OSVDB
名称:6584
链接:http://www.osvdb.org/6584
来源:OSVDB
名称:6583
链接:http://www.osvdb.org/6583
来源:www.oliverkarow.de
链接:http://www.oliverkarow.de/research/sambar.txt
来源:SECTRACK
名称:1010353
链接:http://securitytracker.com/id?1010353
来源:SECUNIA
名称:11748
链接:http://secunia.com/advisories/11748