TorrentFlux 'Dir.PHP' Directory Traversal Vulnerability

Vulnerability ID: 1111394
Vulnerability type: Path traversal
Published: 2006-10-27
Updated: 2007-07-05
CVE ID: CVE-2006-5609
CNNVD-ID: CNNVD-200610-517
Platform: PHP
CVSS score: 5.0
|Vulnerability Source
https://www.exploit-db.com/exploits/28867
https://www.securityfocus.com/bid/20771
https://cxsecurity.com/issue/WLB-2006100159
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200610-517
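|Vulnerability Details
dir.php in TorrentFlux 2.1 contains a directory traversal vulnerability. A remote attacker can list arbitrary directories via "\.\./" sequences in the dir parameter.
|Exploit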
source: http://www.securityfocus.com/bid/20771/info

TorrentFlux is prone to a directory-traversal vulnerability because the application fails to properly sanitize user-supplied input. 

An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the affected application. Information obtained may aid attackers in further attacks.

TorrentFlux 2.1 is reported vulnerable; other versions may be affected as well.

http://www.example.com/torrentfluxroot/dir.php?dir=\.\./\.\./\.\./etc/
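A defensive illustration of the flaw class described above, added here and not taken from TorrentFlux or the advisory. The page does not say why "\.\./" gets through, so the backslash-stripping step is an assumption, and the function names and sandbox paths are hypothetical.

```php
<?php
// Added example, not TorrentFlux code. Helper names and paths are hypothetical.

// Weak pattern: reject the literal "../", then keep transforming the value.
// ASSUMPTION: a later step removes backslashes (modelled with stripslashes()).
function weak_resolve(string $base, string $dir): ?string
{
    if (strpos($dir, '../') !== false) {
        return null;                          // "\.\./" does not contain "../"
    }
    return $base . '/' . stripslashes($dir);  // "\.\./" becomes "../" here
}

// Hardened pattern: finish all decoding, canonicalise, then test containment.
function safe_resolve(string $base, string $dir): ?string
{
    $root = realpath($base);
    if ($root === false) {
        return null;
    }
    $real = realpath($root . '/' . stripslashes($dir));
    if ($real === false || !is_dir($real)) {
        return null;                          // missing path or not a directory
    }
    $prefix = $root . DIRECTORY_SEPARATOR;
    if ($real !== $root && strncmp($real, $prefix, strlen($prefix)) !== 0) {
        return null;                          // resolved outside the base directory
    }
    return $real;
}

// Constructed sandbox: a download root with a sibling directory outside it.
$top  = sys_get_temp_dir() . '/tf_demo_' . getmypid();
$base = $top . '/downloads';
mkdir($base . '/user1', 0700, true);
mkdir($top . '/private', 0700, true);

// Constructed inputs: one legitimate value, two using the advisory's sequence.
foreach (['user1', '\.\./private', '\.\./\.\./\.\./etc/'] as $dir) {
    printf("%-22s weak=%s safe=%s\n", $dir,
        weak_resolve($base, $dir) === null ? 'rejected' : 'accepted',
        safe_resolve($base, $dir) === null ? 'rejected' : 'accepted');
}

// Remove the sandbox.
rmdir($base . '/user1'); rmdir($base); rmdir($top . '/private'); rmdir($top);
```

The containment test runs on the canonical path after every transformation, so it does not depend on recognising any particular spelling of the traversal sequence.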
|Affected Products
TorrentFlux TorrentFlux 2.1
|References

Source: BUGTRAQ
Name: 20061026 Directory Traversal in TorrentFlux 2.1
Link: http://www.securityfocus.com/archive/1/archive/1/449893/100/0/threaded
Source: BID
Name: 20771
Link: http://www.securityfocus.com/bid/20771
Source: SREASON
Name: 1797
Link: http://securityreason.com/securityalert/1797