Hosting Controller 'FolderManager.ASPX'目录遍历漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1111882 漏洞类型 路径遍历
发布时间 2006-12-27 更新时间 2007-01-02
CVE编号 CVE-2006-6814 CNNVD-ID CNNVD-200612-600
漏洞平台 ASP CVSS评分 6.3
|漏洞来源
https://www.exploit-db.com/exploits/29357
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200612-600
|漏洞详情
HostingController7c中的FolderManager/FolderManager.aspx存在目录遍历漏洞,远程认证用户可通过BrowsePath参数内的..\(点点反斜杠)序列来读和修改任意文件并列出任意目录。
|漏洞EXP
source: http://www.securityfocus.com/bid/21786/info

Hosting Controller is prone to a directory-traversal vulnerability because the application fails to properly sanitize user-supplied input. 

An attacker can exploit this issue to modify or retrieve arbitrary files in the context of the webserver process. This may aid in further attacks.

This issue affects version 7C; earlier versions may also be vulnerable.

http://www.example.com/FolderManager/FolderManager.aspx?BrowseLevel=1&BrowsePath=[SITE NORMAL PATH]\..\..\..\..\program%20files
|参考资料

来源:BID
名称:21786
链接:http://www.securityfocus.com/bid/21786
来源:MISC
链接:http://www.kapda.ir/advisory-458.html
来源:SECTRACK
名称:1017447
链接:http://securitytracker.com/id?1017447
来源:VUPEN
名称:ADV-2007-0023
链接:http://www.frsirt.com/english/advisories/2007/0023
来源:SECUNIA
名称:23585
链接:http://secunia.com/advisories/23585