Hummingbird Enterprise Collaboration Unspecified Vulnerability

Vulnerability ID 1109617 Vulnerability type
Published 2006-01-10 Updated 2006-01-18
CVE ID CVE-2006-0173 CNNVD ID CNNVD-200601-120
Platform CGI CVSS score 4.0
|Source
https://www.exploit-db.com/exploits/27061
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200601-120
|Details
Hummingbird Collaboration (also known as Hummingbird Enterprise Collaboration) 5.21 and earlier allows remote attackers to misrepresent the file type and name via modified doc_ext and id parameters, which could trick users into downloading dangerous or unwanted content.
|Exploit
source: http://www.securityfocus.com/bid/16195/info

Hummingbird Enterprise Collaboration is prone to multiple vulnerabilities.

The following specific issues were identified:

The application reportedly allows remote attackers to upload arbitrary HTML files and script code to the application.

Another vulnerability allows attackers to trick users into downloading potentially malicious files.

An attacker may also disclose sensitive information about the server by sending specially crafted HTTP GET requests.

Hummingbird Enterprise Collaboration 5.2.1 and prior versions are vulnerable to these issues.

To trick users into downloading a potentially malicious file, the file is named 'fake.doc'; however, the file with the ID 1189762 is what is actually downloaded:
https://www.example.com/hc/hc/fake.doc?d=fc&o=dwnd&fid=1189762&did=89777&x=16080&doc_ext=.txt
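As an added defender-side example (not part of the advisory or of the product), the check below parses download requests of the form shown above and flags those whose path file name, doc_ext parameter and fid disagree; the log lines and the fid-to-name table are constructed, and the o=dwnd / fid / doc_ext parameter names are taken from the advisory URL.

```python
from urllib.parse import urlsplit, parse_qs
import posixpath

# Constructed sample access-log lines (not from the advisory). The first line mirrors the
# advisory's pattern: the path claims fake.doc, doc_ext claims .txt, and fid selects the file.
SAMPLE_LOG = """\
10.0.0.5 - - [10/Jan/2006:12:00:01 +0000] "GET /hc/hc/fake.doc?d=fc&o=dwnd&fid=1189762&did=89777&x=16080&doc_ext=.txt HTTP/1.1" 200 5120
10.0.0.6 - - [10/Jan/2006:12:00:02 +0000] "GET /hc/hc/report.doc?d=fc&o=dwnd&fid=555&did=89777&x=1&doc_ext=.doc HTTP/1.1" 200 8192
10.0.0.7 - - [10/Jan/2006:12:00:03 +0000] "GET /hc/hc/index.html HTTP/1.1" 200 300
"""

def extract_request_url(line):
    """Return the request target from a common-log-format line, or None."""
    try:
        return line.split('"')[1].split(" ")[1]
    except IndexError:
        return None

def check_download_url(url, known_names):
    """Audit one download URL. known_names maps fid -> the repository's real
    file name for that id (assumed to be available from the server side)."""
    parts = urlsplit(url)
    qs = parse_qs(parts.query)
    if qs.get("o") != ["dwnd"]:
        return []  # not a download request
    findings = []
    claimed_name = posixpath.basename(parts.path)
    claimed_ext = posixpath.splitext(claimed_name)[1].lower()
    doc_ext = qs.get("doc_ext", [""])[0].lower()
    # Path name and doc_ext are both client-supplied; if they disagree, the shown type is untrusted.
    if doc_ext and claimed_ext and doc_ext != claimed_ext:
        findings.append(f"extension mismatch: path {claimed_name!r} vs doc_ext {doc_ext!r}")
    fid = qs.get("fid", [""])[0]
    real_name = known_names.get(fid)
    # Only fid selects the served file; compare the claimed name against the real one.
    if real_name and real_name != claimed_name:
        findings.append(f"name mismatch: fid {fid} is {real_name!r}, shown as {claimed_name!r}")
    return findings

def audit_log(log_text, known_names=None):
    """Return {url: findings} for every suspicious download request in the log."""
    results = {}
    for line in log_text.splitlines():
        url = extract_request_url(line)
        if url:
            findings = check_download_url(url, known_names or {})
            if findings:
                results[url] = findings
    return results
```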
|References

Source: VUPEN
Name: ADV-2006-0145
Link: http://www.frsirt.com/english/advisories/2006/0145
Source: BID
Name: 16195
Link: http://www.securityfocus.com/bid/16195
Source: BUGTRAQ
Name: 20060110 Multiple Vulnerabilities in Hummingbird Collaboration
Link: http://www.securityfocus.com/archive/1/archive/1/421392/100/0/threaded
Source: MISC
Link: http://www.securenetwork.it/advisories/sn-2006-01.html
Source: SECUNIA
Name: 18411
Link: http://secunia.com/advisories/18411
Source: XF
Name: hummingbird-enterprise-file-download(24068)
Link: http://xforce.iss.net/xforce/xfdb/24068