CVE-2000-0913
CVSS 5.0
Published: 2000-12-19 00:00:00
Last revised: 2008-09-05 16:22:10

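[Original] mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to read arbitrary files if a RewriteRule directive is expanded to include a filename whose name contains a regular expression.


[CNNVD] Apache Rewrite module arbitrary file disclosure vulnerability (CNNVD-200012-143)

        Apache is a widely used open-source web server. mod_rewrite is a module bundled with Apache 1.2 and later that maps special URLs to absolute files on the web server's file system.
        Apache's mod_rewrite mishandles certain special path strings; a remote attacker may exploit this vulnerability to read arbitrary files on the host.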

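- CVSS (base score)

CVSS score: 5 [MEDIUM]
Confidentiality impact: PARTIAL [information disclosure is likely]
Integrity impact: NONE [no impact on system integrity]
Availability impact: NONE [no impact on system availability]
Attack complexity: LOW [no access restrictions on exploitation]
Attack vector: [--]
Authentication: NONE [exploitation requires no authentication]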

- CPE (affected platforms and products)

cpe:/a:apache:http_server:1.0 Apache Software Foundation Apache HTTP Server 1.0
cpe:/a:apache:http_server:1.3.12 Apache Software Foundation Apache HTTP Server 1.3.12
cpe:/a:apache:http_server:1.3.11::win32
cpe:/a:apache:http_server:1.0.5 Apache Software Foundation Apache HTTP Server 1.0.5
cpe:/a:apache:http_server:0.8.11 Apache Software Foundation Apache HTTP Server 0.8.11
cpe:/a:apache:http_server:1.1 Apache Software Foundation Apache HTTP Server 1.1
cpe:/a:apache:http_server:1.1.1 Apache Software Foundation Apache HTTP Server 1.1.1
cpe:/a:apache:http_server:1.0.2 Apache Software Foundation Apache HTTP Server 1.0.2
cpe:/a:apache:http_server:0.8.14 Apache Software Foundation Apache HTTP Server 0.8.14
cpe:/a:apache:http_server:1.0.3 Apache Software Foundation Apache HTTP Server 1.0.3

- OVAL (technical details for detection)

No related OVAL definition found

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0913
(official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0913
(official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200012-143
(official data source) CNNVD

- Other links and resources

http://xforce.iss.net/static/5310.php
(VENDOR_ADVISORY)  XF  apache-rewrite-view-files
http://www.securityfocus.com/bid/1728
(VENDOR_ADVISORY)  BID  1728
http://www.redhat.com/support/errata/RHSA-2000-095.html
(UNKNOWN)  REDHAT  RHSA-2000:095
http://www.redhat.com/support/errata/RHSA-2000-088.html
(UNKNOWN)  REDHAT  RHSA-2000:088
http://www.linux-mandrake.com/en/security/MDKSA-2000-060-2.php3?dis=7.1
(UNKNOWN)  MANDRAKE  MDKSA-2000:060
http://www.calderasystems.com/support/security/advisories/CSSA-2000-035.0.txt
(UNKNOWN)  CALDERA  CSSA-2000-035.0
http://archives.neohapsis.com/archives/hp/2000-q4/0021.html
(UNKNOWN)  HP  HPSBUX0010-126
http://archives.neohapsis.com/archives/bugtraq/2000-10/0174.html
(UNKNOWN)  BUGTRAQ  20001011 Conectiva Linux Security Announcement - apache
http://archives.neohapsis.com/archives/bugtraq/2000-09/0352.html
(UNKNOWN)  BUGTRAQ  20000929 Security vulnerability in Apache mod_rewrite

- Vulnerability information

Apache Rewrite module arbitrary file disclosure vulnerability
Medium severity
2000-12-19 00:00:00 2012-11-28 00:00:00
Remote

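- Advisories and patches

        Workaround:
        If you cannot install the patch or upgrade immediately, CNNVD recommends taking the following measures to reduce the threat:
        Vendor patches:
        Apache Group
        ------------
        The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page:
        
        http://www.apache.org

        MandrakeSoft
        ------------
        MandrakeSoft has released a security advisory (MDKSA-2000:060) and corresponding patches for this issue:
        MDKSA-2000:060: apache update
        Link:
        http://www.linux-mandrake.com/en/security/2000/MDKSA-2000-060.php3

        Patch download:
         ftp://ftp.linux.tucows.com/pub/distributions/Mandrake/Mandrake/updates
         ftp://ftp.free.fr/pub/Distributions_Linux/Mandrake/updates

        RedHat
        ------
        RedHat has released a security advisory (RHSA-2000:088-04) and corresponding patches for this issue:
        RHSA-2000:088-04: Updated apache, php, mod_perl, and auth_ldap packages available.
        Link: https://www.redhat.com/support/errata/RHSA-2000-088.html
        Patch download: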
        Red Hat Linux 5.2:
        alpha:
        ftp://updates.redhat.com/5.2/alpha/apache-1.3.14-2.5.x.alpha.rpm
        ftp://updates.redhat.com/5.2/alpha/apache-devel-1.3.14-2.5.x.alpha.rpm
        ftp://updates.redhat.com/5.2/alpha/mod_perl-1.19-2.alpha.rpm
        ftp://updates.redhat.com/5.2/alpha/php-3.0.17-1.5.x.alpha.rpm
        ftp://updates.redhat.com/5.2/alpha/php-manual-3.0.17-1.5.x.alpha.rpm
        ftp://updates.redhat.com/5.2/alpha/php-pgsql-3.0.17-1.5.x.alpha.rpm
        sparc:
        ftp://updates.redhat.com/5.2/sparc/apache-1.3.14-2.5.x.sparc.rpm
        ftp://updates.redhat.com/5.2/sparc/apache-devel-1.3.14-2.5.x.sparc.rpm
        ftp://updates.redhat.com/5.2/sparc/mod_perl-1.19-2.sparc.rpm
        ftp://updates.redhat.com/5.2/sparc/php-3.0.17-1.5.x.sparc.rpm
        ftp://updates.redhat.com/5.2/sparc/php-manual-3.0.17-1.5.x.sparc.rpm
        ftp://updates.redhat.com/5.2/sparc/php-pgsql-3.0.17-1.5.x.sparc.rpm
        i386:
        ftp://updates.redhat.com/5.2/i386/apache-1.3.14-2.5.x.i386.rpm
        ftp://updates.redhat.com/5.2/i386/apache-devel-1.3.14-2.5.x.i386.rpm
        ftp://updates.redhat.com/5.2/i386/mod_perl-1.19-2.i386.rpm
        ftp://updates.redhat.com/5.2/i386/php-3.0.17-1.5.x.i386.rpm
        ftp://updates.redhat.com/5.2/i386/php-manual-3.0.17-1.5.x.i386.rpm
        ftp://updates.redhat.com/5.2/i386/php-pgsql-3.0.17-1.5.x.i386.rpm
        sources:
        

- Vulnerability information

1577
Apache HTTP Server mod_rewrite RewriteRule Expansion Arbitrary File Access
Remote / Network Access
Loss of Confidentiality Upgrade
Vendor Verified

- Vulnerability description

Unknown or Incomplete

- Timeline

2000-09-29 Unknown
Unknown Unknown

- Solution

Unknown or Incomplete

- Related references

- Vulnerability author

Unknown or Incomplete
 

 
