Gattaca Server 2003多个路径披露漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1108050 漏洞类型 其他
发布时间 2004-07-15 更新时间 2006-01-24
CVE编号 CVE-2004-2518 CNNVD-ID CNNVD-200412-436
漏洞平台 CGI CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/24285
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200412-436
|漏洞详情
GattacaServer20031.1.10.0版本存在漏洞。远程攻击者可以借助(1)URL的拖尾空字节("%00")或者(2)web.tmpl的无效LANGUAGE参数获得敏感信息,该漏洞在出错消息中泄露了安装的全部路径。
|漏洞EXP
source: http://www.securityfocus.com/bid/10729/info
 
It is reported that Gattaca Server 2003 contains multiple path disclosure vulnerabilities.
 
By sending HTTP requests to Gattaca's web server, it is reportedly possible to cause the application to return error pages that contain the full installation path of the application and the web document root path.
 
These vulnerabilities could be used by an attacker to aid them in further attacks against the server.
 
Version 1.1.10.0 is reported vulnerable. Prior versions may also contain these vulnerabilities as well. 

http://www.example.com/web.tmpl?HELPID=8000&TEMPLATE=skins//water&LANGUAGE=[whatever]
|参考资料

来源:members.lycos.co.uk
链接:http://members.lycos.co.uk/r34ct/main/Gattaca%20Server%202003.txt
来源:XF
名称:gattaca-language-path-disclosure(16700)
链接:http://xforce.iss.net/xforce/xfdb/16700
来源:XF
名称:gattaca-null-path-disclosure(16699)
链接:http://xforce.iss.net/xforce/xfdb/16699
来源:BID
名称:10729
链接:http://www.securityfocus.com/bid/10729
来源:OSVDB
名称:7923
链接:http://www.osvdb.org/7923
来源:OSVDB
名称:7922
链接:http://www.osvdb.org/7922
来源:www.gattaca-server.com
链接:http://www.gattaca-server.com/cgi-bin/yabb/YaBB.pl?board=gattaca_discussion;action=display;num=1091194176;start=0#0
来源:SECTRACK
名称:1010703
链接:http://securitytracker.com/id?1010703
来源:SECUNIA
名称:12071
链接:http://secunia.com/advisories/12071