Published: 1999-03-01 00:00:00
Revised: 2008-09-09 08:34:26

[Original] Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allows a remote attacker to read files on the server by using a nonstandard URL.

[CNNVD] Microsoft Personal Web Server, FrontPage Personal Web Server vulnerability (CNNVD-199903-021)

Microsoft Personal Web Server and FrontPage Personal Web Server are vulnerable on some Windows systems. A remote attacker can read files on the server by using a nonstandard URL.

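- CVSS (Base Score)

CVSS score: 5 [MEDIUM]
Confidentiality impact: PARTIAL [information disclosure is likely]
Integrity impact: NONE [no impact on system integrity]
Availability impact: NONE [no impact on system availability]
Attack complexity: LOW [exploitation has no access restrictions]
Attack vector: [--]
Authentication: NONE [exploitation requires no authentication]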

- CPE (Affected Platforms and Products)

cpe:/a:microsoft:personal_web_server:4.0 (Microsoft personal_web_server 4.0)
cpe:/a:microsoft:frontpage (Microsoft Frontpage)

- OVAL (Technical Details for Detection)


- Official Database Links
(Official data source) MITRE
(Official data source) NVD
(Official data source) CNNVD

- Other Links and Resources
(UNKNOWN)  MS  MS99-010

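- Vulnerability Information

Microsoft Personal Web Server, FrontPage Personal Web Server vulnerability
Medium risk  Unknown
1999-03-01 00:00:00 2005-05-02 00:00:00
Microsoft Personal Web Server and FrontPage Personal Web Server are vulnerable on some Windows systems. A remote attacker can read files on the server by using a nonstandard URL.

- Advisories and Patches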


- Vulnerability Information (19753)

MS FrontPage Personal WebServer 1.0/Personal Web Server 4.0 Directory Traversal (EDBID:19753)
windows remote
1996-01-17 Verified
0 kiborg
N/A

Microsoft's Personal Web Server and Front Page Personal Web Server will follow '/..../' strings in requested URLs, allowing remote users to obtain unauthenticated read access to files and directories on the same logical drive as the web content. Hidden files are viewable via this method, although the Front Page directory itself is not. The name and path of the desired file must be known to the attacker.

Note that while these programs support Windows 95, 98 and NT, only the Win9x versions are vulnerable. 


- Vulnerability Information

Microsoft Personal Web Server Multiple Dot Request Arbitrary File Access
Remote / Network Access Authentication Management, Input Manipulation
Loss of Integrity Patch / RCS
Exploit Public Third-party Verified

- Vulnerability Description

Personal Web Server contains a flaw that allows a remote attacker to view arbitrary files outside of the web path. The issue is due to the server not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the URI.

- Timeline

1996-01-17 Unknown
1996-01-17 Unknown

- Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

- References

- Vulnerability Author

Unknown or Incomplete