Claroline 'claroline/redirector.php' Redirection Attack Vulnerability

Vulnerability ID: 1115684    Vulnerability type: Open redirect (URL redirection)
Published: 2008-07-15    Updated: 2009-01-29
CVE: CVE-2008-3261    CNNVD-ID: CNNVD-200807-365
Platform: PHP    CVSS score: 4.3
|Vulnerability sources
https://www.exploit-db.com/exploits/32071
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200807-365
|Vulnerability details
Claroline is a web-based e-learning platform used in conventional education and training. An open redirect vulnerability exists in claroline/redirector.php in Claroline versions before 1.8.10. A remote attacker can redirect a user to an arbitrary web site by supplying that site's URL in the url parameter, which facilitates phishing attacks: the link the victim sees points at the trusted Claroline host, but the browser is sent on to the attacker's site.
|Exploit
source: http://www.securityfocus.com/bid/30269/info

Claroline is prone to multiple input-validation vulnerabilities:

1. Multiple cross-site scripting vulnerabilities.
2. A remote URI-redirection vulnerability.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and redirect users to an attacker-controlled site; this may aid in phishing-style attacks.

Versions prior to Claroline 1.8.10 are vulnerable.

http://www.example.com/[installdir]/claroline/redirector.php?url=http://www.example2.com
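The redirect shown above, as an added example that is not Claroline's own code: an illustrative PHP redirector that trusts the url parameter the way the advisory describes, beside a hardened version that only follows destinations on the site's own host or a local absolute path. The host name lms.example, the function names and the sample inputs are assumptions constructed for the example.

```php
<?php
// Added example, not code from Claroline. Both functions return the value
// that would go into the Location header instead of calling header(), so
// the behaviour can be checked from the command line without a web server.

// Vulnerable pattern (illustrative): whatever arrives in ?url= is echoed
// back as the redirect target, so ?url=http://www.example2.com sends the
// victim to a third-party site from a link that named the trusted host.
function redirect_unsafe(string $url): string
{
    return $url;
}

// Hardened version. $trusted_host is this application's own host name
// (hypothetical value for the example); anything that would leave it
// falls back to the site root.
function safe_redirect_target(string $url, string $trusted_host, string $fallback = '/'): string
{
    // Reject control characters first: a raw CR/LF in a Location value
    // is header injection on PHP builds that do not strip it.
    if (preg_match('/[\x00-\x1F\x7F]/', $url)) {
        return $fallback;
    }

    $parts = parse_url($url);
    if ($parts === false) {
        return $fallback;
    }

    // Absolute or scheme-relative URL: allow only http(s) to our own host.
    if (isset($parts['scheme']) || isset($parts['host'])) {
        if (!isset($parts['scheme'], $parts['host'])) {
            // "//www.example2.com" has a host but no scheme; the browser
            // would fill in http(s) and leave the site. "javascript:..."
            // has a scheme but no host.
            return $fallback;
        }
        if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
            return $fallback;
        }
        // Compare the parsed host, so "http://lms.example@www.example2.com"
        // (host = www.example2.com, user = lms.example) is rejected.
        if (strcasecmp($parts['host'], $trusted_host) !== 0) {
            return $fallback;
        }
        if (isset($parts['user']) || isset($parts['pass'])) {
            return $fallback;
        }
        return $url;
    }

    // Relative URL: must be a single-slash absolute path on this origin.
    // "///host" and "/\host" are rejected because some browsers read them
    // as "//host", i.e. as a different origin.
    $path = $parts['path'] ?? '';
    if ($path === '' || $path[0] !== '/' || substr($path, 0, 2) === '//'
        || strpos($url, '\\') !== false) {
        return $fallback;
    }
    return $url;
}

// Constructed inputs: the advisory's PoC shape plus common bypass attempts.
$host = 'lms.example';
$samples = [
    '/claroline/course/index.php?cid=DEMO',
    'https://lms.example/claroline/index.php',
    'http://www.example2.com',
    '//www.example2.com',
    '///www.example2.com',
    'http://lms.example@www.example2.com',
    'javascript:alert(1)',
    "/index.php\r\nSet-Cookie: x=y",
];
foreach ($samples as $u) {
    printf("%-42s unsafe -> %-42s safe -> %s\n",
        addcslashes($u, "\r\n"),
        addcslashes(redirect_unsafe($u), "\r\n"),
        safe_redirect_target($u, $host));
}
```

Run it with `php redirector_demo.php`: the two same-origin inputs come back unchanged from the hardened function, and every other input collapses to `/`, while `redirect_unsafe` returns each of them verbatim, including the third-party host from the PoC URL.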
|References

Source: XF
Name: claroline-unknown-unspecified(43854)
Link: http://xforce.iss.net/xforce/xfdb/43854
Source: BID
Name: 30269
Link: http://www.securityfocus.com/bid/30269
Source: BUGTRAQ
Name: 20080718 [DSECRG-08-030] Claroline 1.8.9 Multiple Security Vulnerabilities
Link: http://www.securityfocus.com/archive/1/archive/1/494539/100/0/threaded
Source: wiki.claroline.net
Link: http://wiki.claroline.net/index.php/Changelog_1.8.x#Modification_between_claroline_1.8.9_and_1.8.10
Source: sourceforge.net
Link: http://sourceforge.net/project/shownotes.php?release_id=613634
Source: SREASON
Name: 4020
Link: http://securityreason.com/securityalert/4020