CapaSystems Performance Guard 目录遍历漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1166447 漏洞类型 路径遍历
发布时间 2013-08-29 更新时间 2013-08-29
CVE编号 CVE-2013-5216 CNNVD-ID CNNVD-201308-472
漏洞平台 N/A CVSS评分 5.0
|漏洞来源
https://www.securityfocus.com/bid/62069
https://cxsecurity.com/issue/WLB-2013080235
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201308-472
|漏洞详情
CapaSystemsA/S是丹麦CapaSystemsA/S公司的一套IT系统管理软件,该软件支持系统管理、软件分发和性能监测等。PerformanceGuard是其中的一个用于监控IT环境的程序。CapaSystemsPerformanceGuard6.2.102之前的版本中的logreader/uploadreader.jsp页面中存在目录遍历漏洞。远程攻击者可利用该漏洞查看任意文件。
|漏洞EXP
Application    Performance Guard
Vendor	       CapaSystems
Link           http://www.capasystems.com/it-performance-monitorin

Discovered by  Kerem Kocaer <kerem.kocaer(at)gmail(dot)com>

Problem
-------
Path traversal vulnerability in the "download logs" section allows remote attackers to read 
arbitrary files by intercepting and modifying the file path in an HTTP request to "uploadreader.jsp".

The vulnerability is confirmed to exist in version 6.1.27. Other versions may also be vulnerable.

Exploit
-------
This issue can be exploited with a web browser and a proxy tool to intercept and modify parameters 
sent to: http://[address]/logreader/uploadreader.jsp

Fix
---
The vendor has reported fixing the problem in version 6.2.102.
Bug Fix PG-8050 (http://capawiki.capasystems.com/display/pgdoc/PG+6.2.102)


Timeline
--------
2013-05-16	Provided details to CapaSystems
2013-06-07	Performance Guard version 6.2.102 released (with Bug fix PG-8050)


Reference
---------
CVE Number: CVE-2013-5216
|参考资料

来源:BID
名称:62069
链接:http://www.securityfocus.com/bid/62069
来源:SECUNIA
名称:54688
链接:http://secunia.com/advisories/54688
来源:capawiki.capasystems.com
链接:http://capawiki.capasystems.com/display/pgdoc/PG+6.2.102
来源:BUGTRAQ
名称:20130829CVE-2013-5216CapaSystemsPerformanceGuardPathTraversalVulnerability
链接:http://archives.neohapsis.com/archives/bugtraq/2013-08/0186.html