ATutor Chat Logs远程信息泄漏漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1109071 漏洞类型 访问验证错误
发布时间 2005-09-14 更新时间 2006-08-23
CVE编号 CVE-2005-2956 CNNVD-ID CNNVD-200509-157
漏洞平台 PHP CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/26258
https://cxsecurity.com/issue/WLB-2005090007
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200509-157
|漏洞详情
ATutor是一个开源基于Web的学习管理系统(LCMS)。ATutor1.5.1版本(可能还包括早期版本)在web文档根目录下存储的临时聊天日志,对其访问控制不力,且文件名易于预测。远程攻击者利用此漏洞通过对这些文件直接发送请求获得用户聊天记录。
|漏洞EXP
source: http://www.securityfocus.com/bid/14832/info

ATutor is prone to a remote information disclosure vulnerability. This issue is due to a failure in the application to perform proper access validation before granting access to privileged information.

A remote attacker can exploit this vulnerability and make repeated GET requests for the chat logs, effectively retrieving all chat archives. Information obtained may aid an attacker in further attacks. 

http://www.example.com/atutor/content/chat/2/msgs/1.message
http://www.example.com/atutor/content/chat/2/msgs/2.message
http://www.example.com/atutor/content/chat/2/msgs/3.message
|参考资料

来源:BID
名称:14832
链接:http://www.securityfocus.com/bid/14832
来源:MISC
链接:http://rgod.altervista.org/atutor151.html
来源:BUGTRAQ
名称:20050914ATutor1.5.1SQLInjection/Admincredentialsdisclosure/Informationdisclosure/Userimpersonation/Remotecodeexecution
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=112671176100432&w=2
来源:SREASON
名称:9
链接:http://securityreason.com/securityalert/9