Sascha Schroeder krypt enkrypt.php Directory Traversal Vulnerability

Vulnerability ID: 1112461 Vulnerability type: path traversal
Published: 2007-03-16 Updated: 2007-03-21
CVE ID: CVE-2007-1509 CNNVD-ID: CNNVD-200703-460
Platform: PHP CVSS score: 4.3
|Vulnerability source
https://www.exploit-db.com/exploits/29748
https://cxsecurity.com/issue/WLB-2007030156
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200703-460
|Vulnerability details
A directory traversal vulnerability exists in the enkrypt.php file of Sascha Schroeder krypt (also known as Holtstraeter Rot13). A remote attacker can read arbitrary files via ".." sequences in the datei parameter.
|Vulnerability EXP
source: http://www.securityfocus.com/bid/22997/info

Holtstraeter Rot 13 is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this vulnerability to retrieve the contents of arbitrary files from the vulnerable system in the context of the affected application. Information obtained may aid in further attacks.

http://www.example.com/enkrypt.php?datei=../../../../etc/passwd
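A defensive check for the `datei` parameter, added here as an example; it is not code from the krypt/Rot13 project, whose enkrypt.php source the advisory does not show. It assumes the script serves files from one fixed directory (named DATA_DIR here, a hypothetical name) and accepts only plain file names, confirming with realpath() that the resolved path stays inside that directory.

```php
<?php
// Added example (not the project's code). Assumption: enkrypt.php reads the file
// named by `datei` from a single fixed directory; DATA_DIR is a hypothetical name.
declare(strict_types=1);

const DATA_DIR = __DIR__ . '/texte'; // hypothetical base directory

/**
 * Resolve a user-supplied file name to a path inside DATA_DIR, or return null.
 * Layer 1 rejects anything that is not a plain base name (no separators, no
 * leading dot, so ".." and "../x" never pass). Layer 2 canonicalises the path
 * with realpath(), which also follows symlinks, and checks the prefix.
 */
function resolve_datei(string $datei): ?string
{
    // Layer 1: syntactic whitelist. A name such as "../../../../etc/passwd"
    // fails both the basename comparison and the pattern.
    if ($datei === '' || $datei !== basename($datei)) {
        return null;
    }
    if (preg_match('/^[A-Za-z0-9_-][A-Za-z0-9_.-]*$/', $datei) !== 1) {
        return null;
    }
    // Layer 2: canonical path must lie strictly under the base directory.
    $base = realpath(DATA_DIR);
    $path = realpath(DATA_DIR . DIRECTORY_SEPARATOR . $datei);
    if ($base === false || $path === false) {
        return null; // base missing or file does not exist
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return null; // resolved outside DATA_DIR (e.g. via a symlink)
    }
    return $path;
}

$path = resolve_datei((string)($_GET['datei'] ?? ''));
if ($path === null) {
    http_response_code(400);
    exit('invalid file name');
}
// Output-encode the file contents so a stored file cannot inject markup.
echo htmlspecialchars((string)file_get_contents($path), ENT_QUOTES, 'UTF-8');
```

Rejected requests are worth logging with the offending `datei` value, since repeated ".." attempts against this parameter are a simple detection signal for scanning of this issue.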
|References

Source: BID
Name: 22997
Link: http://www.securityfocus.com/bid/22997
Source: BUGTRAQ
Name: 20070316 Rot13 <= (enkrypt.php) Remote File Disclosure Vulnerability
Link: http://www.securityfocus.com/archive/1/archive/1/463011/100/0/threaded
Source: OSVDB
Name: 34089
Link: http://osvdb.org/34089
Source: XF
Name: rot-enkrypt-directory-traversal(33027)
Link: http://xforce.iss.net/xforce/xfdb/33027
Source: SREASON
Name: 2458
Link: http://securityreason.com/securityalert/2458