Spyce - Python Server Pages ’spyce/examples/automaton.spy‘信息泄露漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1112243 漏洞类型 输入验证
发布时间 2007-02-19 更新时间 2008-09-05
CVE编号 CVE-2008-0982 CNNVD-ID CNNVD-200802-467
漏洞平台 PHP CVSS评分 5.8
|漏洞来源
https://www.exploit-db.com/exploits/31270
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200802-467
|漏洞详情
Spyce-PythonServerPages(PSP)存在敏感信息泄露漏洞。远程攻击者可以借助对spyce/examples/automaton.spy的一个直接请求获取敏感信息。该请求会在错误信息中显示路径。
|漏洞EXP
source: http://www.securityfocus.com/bid/27898/info
     
Spyce is prone to multiple input-validation vulnerabilities that can lead to information disclosure or client-side script execution.
     
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. The attacker can also obtain a server's webroot path.
     
The issues affect Spyce 2.1.3; other versions may also be vulnerable. 

Requesting the following URL returns the server's webroot:
http://www.example.com/spyce/examples/automaton.spy
|参考资料

来源:BID
名称:27898
链接:http://www.securityfocus.com/bid/27898
来源:BUGTRAQ
名称:20080219PR08-01:SeveralXSS,across-domainredirectandawebrootdisclosureonSpyce-PythonServerPages(PSP)
链接:http://www.securityfocus.com/archive/1/archive/1/488336/100/0/threaded
来源:MISC
链接:http://www.procheckup.com/Vulnerability_PR08-01.php
来源:SREASON
名称:3699
链接:http://securityreason.com/securityalert/3699