Opera FTP PASV 端口扫描漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1112504 漏洞类型 信息泄露
发布时间 2007-03-21 更新时间 2007-04-30
CVE编号 CVE-2007-1563 CNNVD-ID CNNVD-200703-533
漏洞平台 Linux CVSS评分 6.8
|漏洞来源
https://www.exploit-db.com/exploits/29769
https://www.securityfocus.com/bid/23089
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200703-533
|漏洞详情
Opera9.10版本中的FTP协议执行工具允许远程攻击者和远程服务商通过对FTPPASV相应中的备用服务器地址进行分类,来强制客户端连接到其他服务器,执行代理端口扫描或获得敏感信息。
|漏洞EXP
source: http://www.securityfocus.com/bid/23089/info

Opera is prone to vulnerability that may allow attackers to obtain potentially sensitive information.

A successful exploit of this issue would cause the affected application to connect to arbitrary TCP ports and potentially reveal sensitive information about services that are running on the affected computer. Information obtained may aid attackers in further attacks. 

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/29769.zip
|受影响的产品
SuSE Linux 9.3 x86-64 SuSE Linux 9.3 x86 SuSE Linux 10.1 x86-64 SuSE Linux 10.1 x86 SuSE Linux 10.1 ppc SuSE Linux 10.0 x86-64 SuSE Linux 10.0 x86
|参考资料

来源:BID
名称:23089
链接:http://www.securityfocus.com/bid/23089
来源:VUPEN
名称:ADV-2007-1075
链接:http://www.frsirt.com/english/advisories/2007/1075
来源:MISC
链接:http://bindshell.net/papers/ftppasv/ftp-client-pasv-manipulation.pdf
来源:SECTRACK
名称:1017802
链接:http://www.securitytracker.com/id?1017802
来源:SUSE
名称:SUSE-SA:2007:028
链接:http://www.novell.com/linux/security/advisories/2007_28_opera.html
来源:SECUNIA
名称:25027
链接:http://secunia.com/advisories/25027