CVE-2001-0368
CVSS5.0
发布时间 :2001-06-27 00:00:00
修订时间 :2008-09-05 16:23:55
NMCOS    

[原文]Directory traversal vulnerability in BearShare 2.2.2 and earlier allows a remote attacker to read certain files via a URL containing a series of . characters, a variation of the .. (dot dot) attack.


[CNNVD]Free Peers BearShare 目录遍历漏洞(CNNVD-200106-150)

        CVE(CAN) ID: CVE-2001-0368
        
        
        
        Free Peers Inc. BearShare 是微软平台上的文件共享工具。某些情况下BearShare
        
        易受目录遍历漏洞攻击。尽管该软件本身已经过滤了'/../'序列,可以对付一般情况
        
        下的目录遍历漏洞攻击,但还是有可能构造一些其他URL请求,躲过这种过滤从而到
        
        达攻击目的。如果BearShare的WEB特性被打开,远程攻击者利用该漏洞可以访问WEB
        
        根目录之外的其他目录。
        
        
        
        利用该漏洞时和文件类型有关。比如,无法利用该漏洞访问.avi和.mpg文件。原漏洞
        
        报告未透露更多细节。值得注意的是该漏洞并不影响Win2K上的BearShare。
        
        
        
        <* 来源:Aviram Jenik (aviram@beyondsecurity.com) *>
        
        
        
        

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:free_peers:bearshare:2.2
cpe:/a:free_peers:bearshare:2.2.1
cpe:/a:free_peers:bearshare:2.2.2

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0368
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-0368
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200106-150
(官方数据源) CNNVD

- 其它链接及资源

http://www.securityfocus.com/bid/2672
(VENDOR_ADVISORY)  BID  2672
http://www.securityfocus.com/archive/1/180644
(VENDOR_ADVISORY)  BUGTRAQ  20010430 A Serious Security Vulnerability Found in BearShare (Directory Traversal)
http://xforce.iss.net/static/6481.php
(UNKNOWN)  XF  bearshare-dot-download-files(6481)
http://www.osvdb.org/1810
(UNKNOWN)  OSVDB  1810

- 漏洞信息

Free Peers BearShare 目录遍历漏洞
中危 输入验证
2001-06-27 00:00:00 2005-05-02 00:00:00
远程  
        CVE(CAN) ID: CVE-2001-0368
        
        
        
        Free Peers Inc. BearShare 是微软平台上的文件共享工具。某些情况下BearShare
        
        易受目录遍历漏洞攻击。尽管该软件本身已经过滤了'/../'序列,可以对付一般情况
        
        下的目录遍历漏洞攻击,但还是有可能构造一些其他URL请求,躲过这种过滤从而到
        
        达攻击目的。如果BearShare的WEB特性被打开,远程攻击者利用该漏洞可以访问WEB
        
        根目录之外的其他目录。
        
        
        
        利用该漏洞时和文件类型有关。比如,无法利用该漏洞访问.avi和.mpg文件。原漏洞
        
        报告未透露更多细节。值得注意的是该漏洞并不影响Win2K上的BearShare。
        
        
        
        <* 来源:Aviram Jenik (aviram@beyondsecurity.com) *>
        
        
        
        

- 公告与补丁

        
        
        关闭BearShare的WEB特性可以阻止远程攻击者利用该漏洞。厂商发布了补丁:
        
        
        http://download.cnet.com/downloads/

        
        0-1896420-108-69833.html?bt.45605.1857922..dl-69833
        
        
        
        
        

- 漏洞信息

1810
BearShare Arbitrary File Access
Remote / Network Access Input Manipulation
Loss of Confidentiality, Loss of Integrity
Exploit Public

- 漏洞描述

BearShare contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the server not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the URI.

- 时间线

2001-04-30 Unknow
2001-04-30 Unknow

- 解决方案

Upgrade to version 2.2.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

- 漏洞信息

Free Peers BearShare Directory Traversal Vulnerability
Input Validation Error 2672
Yes No
2001-04-30 12:00:00 2007-07-06 08:47:00
Reported to bugtraq by Aviram Jenik <aviram@beyondsecurity.com> on April 30, 2001.

- 受影响的程序版本

Free Peers BearShare 2.2.2
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows ME
Free Peers BearShare 2.2.1
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows ME
Free Peers BearShare 2.2
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows ME
Free Peers BearShare 2.2.3
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows Media License Manager 4.0

- 不受影响的程序版本

Free Peers BearShare 2.2.3
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows Media License Manager 4.0

- 漏洞讨论

Free Peers Inc. BearShare is a Windows-based file-sharing utility.

Under certain configurations and platforms, versions of BearShare are prone to directory-traversal attacks.

Although the product's website feature does filter '/../' sequences (which are commonly effective in traversal attacks), an attacker could construct a path expression that will bypass the product's input validation.

As a result, BearShare's website feature, if enabled, can permit a remote attacker to traverse the webserver's directory structure and request files from outside the web root.

Note that this vulnerability does not appear to affect Windows 2000 installations of BearShare.

- 漏洞利用

Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:vuldb@securityfocus.com.

- 解决方案

The vendor has released a new version that fixes this problem.


Free Peers BearShare 2.2

Free Peers BearShare 2.2.1

Free Peers BearShare 2.2.2

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站