发布时间 :2001-07-23 00:00:00
修订时间 :2017-10-09 21:29:57

[原文]Directory traversal vulnerability in IBM Tivoli WebSEAL Policy Director 3.01 through 3.7.1 allows remote attackers to read arbitrary files or directories via encoded .. (dot dot) sequences containing "%2e" strings.

[CNNVD]IBM Tivoli WebSEAL Policy Director文件泄露漏洞(CNNVD-200107-170)

        IBM Tivoli WebSEAL Policy Director 3.01到3.7.1版本存在目录遍历漏洞。远程攻击者可以借助包含“%2e”字符串的编码..(点 点)序列读取任意文件。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/a:ibm:tivoli_secureway_policy_director:3.0.1IBM Tivoli SecureWay Policy Director 3.0.1
cpe:/a:ibm:tivoli_secureway_policy_director:3.6IBM Tivoli SecureWay Policy Director 3.6
cpe:/a:ibm:tivoli_secureway_policy_director:3.7IBM Tivoli SecureWay Policy Director 3.7
cpe:/a:ibm:tivoli_secureway_policy_director:3.7.1IBM Tivoli SecureWay Policy Director 3.7.1

- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(VENDOR_ADVISORY)  BUGTRAQ  20010723 iXsecurity.20010618.policy_director.a
(UNKNOWN)  XF  tivoli-secureway-dot-directory-traversal(6884)

- 漏洞信息

IBM Tivoli WebSEAL Policy Director文件泄露漏洞
中危 路径遍历
2001-07-23 00:00:00 2005-10-12 00:00:00
        IBM Tivoli WebSEAL Policy Director 3.01到3.7.1版本存在目录遍历漏洞。远程攻击者可以借助包含“%2e”字符串的编码..(点 点)序列读取任意文件。

- 公告与补丁


- 漏洞信息

IBM Tivoli SecureWay WebSEAL Proxy Policy Director Encoded Traversal Arbitrary File Access
Remote / Network Access Authentication Management, Input Manipulation
Loss of Integrity
Exploit Public

- 漏洞描述

Tivoli SecureWay Policy Director contains a flaw that allows a remote attacker to access arbitrary files or execute arbitrary scripts outside of the web path. The issue is due to the server not properly sanitizing user input, specifically encoded traversal style attacks (../../) supplied via the URI.

- 时间线

2001-07-23 Unknow
2001-07-23 Unknow

- 解决方案

Currently, there are no known workarounds or upgrades to correct this issue. However, IBM has released a patch to address this vulnerability.

- 相关参考

- 漏洞作者

Unknown or Incomplete