发布时间 :2001-08-14 00:00:00
修订时间 :2017-12-18 21:29:21

[原文]Aladdin eSafe Gateway versions 2.x allows a remote attacker to circumvent HTML SCRIPT filtering via a special arrangement of HTML tags which includes SCRIPT tags embedded within other SCRIPT tags.

[CNNVD]Aladdin eSafe Gateway过滤绕过漏洞(CNNVD-200108-057)

        Aladdin eSafe Gateway 2.x版本存在漏洞。远程攻击者可以借助含被嵌入在其他SCRIPT标签内的SCRIPT标签的HTML标签特殊参数来绕过HTML SCRIPT过滤。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: NETWORK [攻击者不需要获取内网访问权或本地访问权]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)


- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(VENDOR_ADVISORY)  BUGTRAQ  20010529 Aladdin eSafe Gateway Filter Bypass - Updated Advisory
(UNKNOWN)  XF  esafe-gateway-bypass-filtering(6580)

- 漏洞信息

Aladdin eSafe Gateway过滤绕过漏洞
高危 未知
2001-08-14 00:00:00 2007-05-14 00:00:00
        Aladdin eSafe Gateway 2.x版本存在漏洞。远程攻击者可以借助含被嵌入在其他SCRIPT标签内的SCRIPT标签的HTML标签特殊参数来绕过HTML SCRIPT过滤。

- 公告与补丁


- 漏洞信息 (20890)

Aladdin Knowledge Systems eSafe Gateway 3.0 HTML tag Script-filtering Bypass Vulnerability (EDBID:20890)
multiple remote
2001-05-29 Verified
0 eDvice Security Services
N/A [点击下载]

eSafe Gateway is a security utility used for filtering internet content.

It is possible to craft an html file that slips through eSafe Gateway's script filtering feature. eSafe Gateway will ignore scripting commands that are embedded in any html tags that allow it. This causes eSafe Gateway to generate filtered html that still includes potentially dangerous scripting functions. 

For example, the following potentially harmful script will go
undetected by eSafe, even if the "remove all scripts" option is enabled:

<A HREF="javascript:var fso = new
ActiveXObject('Scripting.FileSystemObject');var a =
fso.CreateTextFile('c:\\testfile2.txt', true);a.WriteLine('This is a
test.');a.Close();">Click here</A>

HREF is not the only tag ignored. Any tag capable of containing scripting
command will not be filtered by eSafe. For example:

<BODY onload="alert('hi');"> 		

- 漏洞信息

Aladdin eSafe Gateway Nested SCRIPT Tag Filtering Bypass
Remote / Network Access Input Manipulation
Loss of Integrity
Exploit Public

- 漏洞描述

- 时间线

2001-05-21 Unknow
2001-05-21 Unknow

- 解决方案


Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete