CVE-2002-0347
CVSS5.0
发布时间 :2002-06-25 00:00:00
修订时间 :2016-10-17 22:19:37
NMCOS    

[原文]Directory traversal vulnerability in Cobalt RAQ 4 allows remote attackers to read password-protected files, and possibly files outside the web root, via a .. (dot dot) in an HTTP request.


[CNNVD]Sun Cobalt RaQ目录遍历漏洞(CNNVD-200206-058)

        
        Sun Cobalt RaQ是ISPs使用的一种服务方软件。
        据报告,Cobalt RaQ易受目录遍历漏洞攻击。比如
        http://10.0.0.1:81/.cobalt/sysManage/../admin/.htaccess
        利用该漏洞,远程用户可以非法读取敏感文件,尚未得知是否可以遍历HTTP根目录之外的目录。
        

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/h:sun:cobalt_raq_3iSun Cobalt RaQ 3.0
cpe:/h:sun:cobalt_raq_4Sun Cobalt RaQ 4.0
cpe:/h:sun:cobalt_raq_2Sun Cobalt RaQ 2.0

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0347
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-0347
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200206-058
(官方数据源) CNNVD

- 其它链接及资源

http://marc.info/?l=bugtraq&m=101495944202452&w=2
(UNKNOWN)  BUGTRAQ  20020228 Colbalt-RAQ-v4-Bugs&Vulnerabilities
http://www.iss.net/security_center/static/8322.php
(VENDOR_ADVISORY)  XF  cobalt-raq-directory-traversal(8322)
http://www.securityfocus.com/bid/4208
(VENDOR_ADVISORY)  BID  4208

- 漏洞信息

Sun Cobalt RaQ目录遍历漏洞
中危 输入验证
2002-06-25 00:00:00 2006-08-28 00:00:00
远程  
        
        Sun Cobalt RaQ是ISPs使用的一种服务方软件。
        据报告,Cobalt RaQ易受目录遍历漏洞攻击。比如
        http://10.0.0.1:81/.cobalt/sysManage/../admin/.htaccess
        利用该漏洞,远程用户可以非法读取敏感文件,尚未得知是否可以遍历HTTP根目录之外的目录。
        

- 公告与补丁

        临时解决方法:
        Peter N. Go ( peter@arachinc.com )建议使用.htaccess做如下限制:
        
        Order allow,deny
        Deny from all
        

        不过攻击者仍有可能访问其它敏感文件。
        厂商补丁:
        Sun
        ---
        目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:
        
        http://www.sun.com

- 漏洞信息

9064
Cobalt RAQ 4 HTTP Request Arbitrary Restricted File Access

- 漏洞描述

Unknown or Incomplete

- 时间线

2002-02-28 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Sun Cobalt RaQ Directory Traversal File Reading Vulnerability
Input Validation Error 4208
Yes No
2002-02-28 12:00:00 2009-07-11 10:56:00
This vulnerability discovery credited to Alex Hernandez <al3xhernandez@ureach.com>.

- 受影响的程序版本

Cobalt RaQ 4.0
Cobalt RaQ 3.0
Cobalt RaQ 2.0

- 漏洞讨论

RaQ is a server appliance originally developed by Cobalt. It is now distributed and maintained by Sun Microsystems.

It has been reported that Cobalt RaQ appliances are vulnerable to a directory traversal attack. Using this attack, it is possible for a remote user to read sensitive configuration files, such as .htaccess files, and could potentially result in unauthorized access to restricted information. It is unknown whether this attack will permit escape of the HTTP root directory.

- 漏洞利用

This vulnerability may be exploit with a web browser.

- 解决方案


Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 相关参考

     

     

    关于SCAP中文社区

    SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

    版权声明

    CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站