Hummingbird Enterprise Collaboration信息泄露漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1109616 漏洞类型
发布时间 2006-01-10 更新时间 2006-01-17
CVE编号 CVE-2006-0174 CNNVD-ID CNNVD-200601-121
漏洞平台 CGI CVSS评分 4.0
|漏洞来源
https://www.exploit-db.com/exploits/27062
https://cxsecurity.com/issue/WLB-2006010017
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200601-121
|漏洞详情
HummingbirdCollaboration(也称为HummingbirdEnterpriseCollaboration)5.21及更早版本存在信息泄露漏洞,远程攻击者可以通过直接请求hc,从而导致在出错信息或cookie中揭示信息来获取敏感信息(内联网IP地址和有效参数枚举)。
|漏洞EXP
source: http://www.securityfocus.com/bid/16195/info
 
Hummingbird Enterprise Collaboration is prone to multiple vulnerabilities.
 
The following specific issues were identified:
 
The application reportedly allows remote attackers to upload arbitrary HTML files and script code to the application.
 
Another vulnerability allows attackers to trick users into downloading potentially malicious files.
 
An attacker may also disclose sensitive information about the server by sending specially crafted HTTP GET requests.
 
Hummingbird Enterprise Collaboration 5.2.1 and prior versions are vulnerable to these issues.

To disclose the internal IP address:

https://www.example.com/hc/hc?d=mes&x=20433&ntb=[numericParam]

Where the ntb parameter is supplied a numeric value instead of a string value. The internal IP address of the server may be found in a cookie.
|参考资料

来源:BID
名称:16195
链接:http://www.securityfocus.com/bid/16195
来源:BUGTRAQ
名称:20060110MultipleVulnerabilitiesinHummingbirdCollaboration
链接:http://www.securityfocus.com/archive/1/archive/1/421392/100/0/threaded
来源:MISC
链接:http://www.securenetwork.it/advisories/sn-2006-01.html
来源:VUPEN
名称:ADV-2006-0145
链接:http://www.frsirt.com/english/advisories/2006/0145
来源:SECUNIA
名称:18411
链接:http://secunia.com/advisories/18411
来源:XF
名称:hummingbird-enterprise-information-disclosure(24069)
链接:http://xforce.iss.net/xforce/xfdb/24069
来源:SREASON
名称:328
链接:http://securityreason.com/securityalert/328