CVE-2002-0452
CVSS7.5
发布时间 :2002-08-12 00:00:00
修订时间 :2008-09-05 16:28:03
NMCOS    

[原文]Foundry Networks ServerIron switches do not decode URIs when applying "url-map" rules, which could make it easier for attackers to cause the switch to forward traffic to a different server than intended and exploit vulnerabilities that would otherwise be inaccessible.


[CNNVD]Foundry Networks ServerIron编码URI负载平衡可绕过漏洞(CNNVD-200208-135)

        
        ServerIron是Foundry Networks公司的高性能Internet web网关产品系列,其中包含多个在集群WEB服务器之间进行负载平衡的选项。
        ServerIron由于在处理模式匹配时对URL解码不正确可导致负载平衡失效,并泄露相关网络敏感信息。
        ServerIron其中之一特征就是通过相关的服务组规则来平衡HTTP请求,一般的配置是对一个组服务器用来处理静态内容,而其他服务器组用来处理动态页面。
        ServerIron交换机中可以使用"url-map"关键词来激活上面的特征,而根据请求的不同又可以选择多种模式应用,特别是"pattern"模式能简单的对入站URIs进行模式匹配。而此模式匹配对编码的URI处理存在漏洞,可以导致负载平衡规则失效,并有可能产生信息泄露。
        

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:foundrynet:serveriron:xl_g
cpe:/a:foundrynet:serveriron:xl
cpe:/a:foundrynet:serveriron:400
cpe:/a:foundrynet:serveriron:6.0
cpe:/a:foundrynet:serveriron:5.1.10t12
cpe:/a:foundrynet:serveriron:7.1.09
cpe:/a:foundrynet:serveriron:800

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0452
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-0452
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200208-135
(官方数据源) CNNVD

- 其它链接及资源

http://www.iss.net/security_center/static/8459.php
(VENDOR_ADVISORY)  XF  foundry-serveriron-reveal-source(8459)
http://www.securityfocus.com/bid/4286
(VENDOR_ADVISORY)  BID  4286
http://www.securityfocus.com/archive/1/261834
(VENDOR_ADVISORY)  BUGTRAQ  20020313 Foundry Networks ServerIron don't decode URIs

- 漏洞信息

Foundry Networks ServerIron编码URI负载平衡可绕过漏洞
高危 设计错误
2002-08-12 00:00:00 2005-10-20 00:00:00
远程  
        
        ServerIron是Foundry Networks公司的高性能Internet web网关产品系列,其中包含多个在集群WEB服务器之间进行负载平衡的选项。
        ServerIron由于在处理模式匹配时对URL解码不正确可导致负载平衡失效,并泄露相关网络敏感信息。
        ServerIron其中之一特征就是通过相关的服务组规则来平衡HTTP请求,一般的配置是对一个组服务器用来处理静态内容,而其他服务器组用来处理动态页面。
        ServerIron交换机中可以使用"url-map"关键词来激活上面的特征,而根据请求的不同又可以选择多种模式应用,特别是"pattern"模式能简单的对入站URIs进行模式匹配。而此模式匹配对编码的URI处理存在漏洞,可以导致负载平衡规则失效,并有可能产生信息泄露。
        

- 公告与补丁

        临时解决方法:
        如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁:
        * 不要信任Serverlron pattern过滤,复制Serverlron规则到每个WEB服务,拒绝默认规则的请求和只允许预定的模式。
        下面是一个为静态内容服务的Apache配置:
         Order deny,allow
         Deny from all
        
         Order allow,deny
         Allow from all
        

        厂商补丁:
        Foundry Networks
        ----------------
        目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:
        
        http://www.foundrynet.com/

- 漏洞信息

10597
Foundry Networks ServerIron Switch url-map Rule Failure

- 漏洞描述

Unknown or Incomplete

- 时间线

2002-03-13 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Foundry Networks ServerIron Encoded URI Load Balancing Bypass Weakness
Design Error 4286
Yes No
2002-03-13 12:00:00 2009-07-11 11:56:00
Discovered by Frank DENIS <j@42-networks.com>.

- 受影响的程序版本

Foundry Networks ServerIronXL/G
Foundry Networks ServerIronXL
Foundry Networks ServerIron800
Foundry Networks ServerIron400
Foundry Networks ServerIron 7.1 .09
Foundry Networks ServerIron 6.0
Foundry Networks ServerIron 5.1.10 t12

- 漏洞讨论

The ServerIron family of products from Foundry Networks is a series of high performance internet web switches. Among the included features are several options for load balancing between collections of web servers. Several methods are supported, including the option to perform simple pattern matches on requested URLs.

Reportedly, ServerIron does not fully decode URLs when doing this pattern matching. A malicious HTTP request may bypass all patterns, and be assigned based on default rules. Under some applications, this could lead to the exposure of sensitive information when web servers recieve requests they are not configured to handle.

This is not a vulnerability in the ServerIron product, but may allow an attacker to exploit weakly configured machines behind the switch.

- 漏洞利用

No exploit is required.

- 解决方案

Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站