发布时间 :2002-10-04 00:00:00
修订时间 :2008-09-05 16:29:43

[原文]Directory traversal vulnerability in Abyss Web Server 1.0.3 allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in an HTTP GET request.

[CNNVD]Abyss Web Server编码反斜杠目录遍历漏洞(CNNVD-200210-009)

        Abyss Web Server 1.0.3版本存在目录遍历漏洞。远程攻击者借助HTTP GET请求的..\ (点 点 反斜杠)序列读取任意文件。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)


- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(VENDOR_ADVISORY)  XF  abyss-get-directory-traversal(9941)
(VENDOR_ADVISORY)  XF  abyss-http-directory-traversal(9940)
(UNKNOWN)  BID  5547
(UNKNOWN)  BUGTRAQ  20020822 Abyss 1.0.3 directory traversal and administration bugs

- 漏洞信息

Abyss Web Server编码反斜杠目录遍历漏洞
中危 路径遍历
2002-10-04 00:00:00 2005-05-02 00:00:00
        Abyss Web Server 1.0.3版本存在目录遍历漏洞。远程攻击者借助HTTP GET请求的..\ (点 点 反斜杠)序列读取任意文件。

- 公告与补丁

        The vendor has released a patch for this issue. Users are advised to apply the patch or download a newer version of Abyss Web Server 1.0.3 with patches already applied:
        Aprelium Technologies Abyss Web Server 1.0
        Aprelium Technologies Abyss Web Server 1.0.3

- 漏洞信息 (21735)

Abyss Web Server 1.0 Encoded Backslash Directory Traversal Vulnerability (EDBID:21735)
windows remote
2002-08-22 Verified
0 Auriemma Luigi
N/A [点击下载]

A directory traversal vulnerability has been reported for Abyss Web Server. The issue is related to the failure to properly process the backslash '\', encoded as '%5c', character, which may be used as a directory delimiter under these platforms. By using the URL encoded sequence '%2e%2e%5c', the web root may be escaped.

Exploitation can result in arbitrary system files being sent to a remote attacker. This information may be of value in attempting further attacks against the vulnerable system.

This issue is reported to have different effects in a different environments.

"GET /\..\..\..\..\..\winnt\win.ini HTTP/1.0" (using a Telnet client)

- 漏洞信息

Abyss Web Server Traversal Arbitrary File Access
Remote / Network Access Authentication Management, Input Manipulation
Loss of Integrity
Exploit Public

- 漏洞描述

Abyss Webserver contains a flaw that allows a remote attacker to read arbitrary files or directory listings outside of the web path. The issue is due to the server not properly sanitizing user input, specifically encoded traversal style attacks (../../) supplied via the URI.

- 时间线

2002-08-22 Unknow
2002-08-22 Unknow

- 解决方案

Upgrade to version or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者