CVE-2002-0112
CVSS5.0
发布时间 :2002-03-25 00:00:00
修订时间 :2016-10-17 22:16:20
NMCOES    

[原文]Etype Eserv 2.97 allows remote attackers to view password protected files via /./ in the URL.


[CNNVD]EServ可访问受口令保护的文件漏洞(CNNVD-200203-098)

        
        EServ是一个组合了邮件、新闻组、Web、代理服务器的软件,运行于Windows 9x/NT/2000平台。
        EServ存在设计问题,可以使远程攻击者非法访问到受口令保护的文件。
        通过构造一个特别的HTTP请求发送给服务器,攻击者可能访问到受口令保护的目录及文件,比如管理员的目录,里面存放管理界面程序。这个漏洞只能被利用来访问受保护的Web目录下的子目录。
        

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/a:etype:eserv:2.92
cpe:/a:etype:eserv:2.93
cpe:/a:etype:eserv:2.94
cpe:/a:etype:eserv:2.95
cpe:/a:etype:eserv:2.96
cpe:/a:etype:eserv:2.97
cpe:/a:etype:eserv:2.95_beta2

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0112
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-0112
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200203-098
(官方数据源) CNNVD

- 其它链接及资源

http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0010.html
(UNKNOWN)  VULNWATCH  20020109 Eserv 2.97 Password Protected File Arbitrary Read Access Vulnerability
http://marc.info/?l=bugtraq&m=101062172226812&w=2
(UNKNOWN)  BUGTRAQ  20020109 Eserv 2.97 Password Protected File Arbitrary Read Access Vulnerability
http://marc.info/?l=ntbugtraq&m=101062823505486&w=2
(UNKNOWN)  NTBUGTRAQ  20020109 Eserv 2.97 Password Protected File Arbitrary Read Access Vulnerability
http://online.securityfocus.com/archive/1/249734
(PATCH)  BUGTRAQ  20020111 Eserv 2.97 Password Protected File Arbitrary Read Access Vulnerability (Solution)
http://www.iss.net/security_center/static/7849.php
(UNKNOWN)  XF  eserv-protected-file-access(7849)
http://www.securityfocus.com/bid/3838
(UNKNOWN)  BID  3838

- 漏洞信息

EServ可访问受口令保护的文件漏洞
中危 输入验证
2002-03-25 00:00:00 2005-10-20 00:00:00
远程  
        
        EServ是一个组合了邮件、新闻组、Web、代理服务器的软件,运行于Windows 9x/NT/2000平台。
        EServ存在设计问题,可以使远程攻击者非法访问到受口令保护的文件。
        通过构造一个特别的HTTP请求发送给服务器,攻击者可能访问到受口令保护的目录及文件,比如管理员的目录,里面存放管理界面程序。这个漏洞只能被利用来访问受保护的Web目录下的子目录。
        

- 公告与补丁

        临时解决方法:
        如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁:
        * 把管理界面的目录设置成一个难以猜到名字。
        * 在EServ中把"./"加入到零访问权限列表里。
        厂商补丁:
        Etype
        -----
        目前厂商已经提供了升级程序以修补这个漏洞,我们建议使用此软件的用户到厂商的主页获取最新版本:
        EServ Upgrade Eserv3119.zip
        ftp://ftp.eserv.ru/pub/beta/2.98/Eserv3119.zip

- 漏洞信息 (21211)

EServ 2.9x Password-Protected File Access Vulnerability (EDBID:21211)
windows remote
2002-01-10 Verified
0 Tamer Sahin
N/A [点击下载]
source: http://www.securityfocus.com/bid/3838/info

EServ is a combination Mail, News, Web, FTP and Proxy Server for Microsoft Windows 9x/NT/2000 systems.

It is possible to construct a web request which is capable of accessing the contents of password protected files/folders on the webserver, such as the admin folder, which contains the administrative interface.

It should be noted that this vulnerability may only be exploited to access password-protected files in sub-folders of wwwroot. 

The following example will give the attacker access to the administrative interface:

http://host/./admin/ 		

- 漏洞信息

12082
Etype Eserv /./ URL Request Password Protected File Access
Remote / Network Access Information Disclosure
Loss of Confidentiality Workaround
Exploit Public Third-party Verified

- 漏洞描述

- 时间线

2002-01-09 Unknow
2002-01-09 Unknow

- 解决方案

Products

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

EServ Password-Protected File Access Vulnerability
Input Validation Error 3838
Yes No
2002-01-10 12:00:00 2009-07-11 09:56:00
This vulnerability was submitted to BugTraq on January 10th, 2002 by "Tamer Sahin" <ts@securityoffice.net>.

- 受影响的程序版本

Etype Eserv 2.97
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP1
- Microsoft Windows 2000 Server
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT Server 4.0 SP6a
- Microsoft Windows NT Server 4.0 SP6
- Microsoft Windows NT Server 4.0 SP5
- Microsoft Windows NT Server 4.0 SP4
- Microsoft Windows NT Server 4.0 SP3
- Microsoft Windows NT Server 4.0 SP2
- Microsoft Windows NT Server 4.0 SP1
- Microsoft Windows NT Server 4.0
- Microsoft Windows NT Workstation 4.0 SP6a
- Microsoft Windows NT Workstation 4.0 SP6
- Microsoft Windows NT Workstation 4.0 SP5
- Microsoft Windows NT Workstation 4.0 SP4
- Microsoft Windows NT Workstation 4.0 SP3
- Microsoft Windows NT Workstation 4.0 SP2
- Microsoft Windows NT Workstation 4.0 SP1
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows XP Home
- Microsoft Windows XP Professional
Etype Eserv 2.96
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
Etype Eserv 2.95 BETA2
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
Etype Eserv 2.95
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
Etype Eserv 2.94
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
Etype Eserv 2.93
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
Etype Eserv 2.92
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0

- 漏洞讨论

EServ is a combination Mail, News, Web, FTP and Proxy Server for Microsoft Windows 9x/NT/2000 systems.

It is possible to construct a web request which is capable of accessing the contents of password protected files/folders on the webserver, such as the admin folder, which contains the administrative interface.

It should be noted that this vulnerability may only be exploited to access password-protected files in sub-folders of wwwroot.

- 漏洞利用

The following example will give the attacker access to the administrative interface:

http://host/./admin/

- 解决方案

The vendor has released an update which addresses this issue.


Etype Eserv 2.92

Etype Eserv 2.93

Etype Eserv 2.94

Etype Eserv 2.95

Etype Eserv 2.95 BETA2

Etype Eserv 2.96

Etype Eserv 2.97

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站