发布时间 :2003-12-31 00:00:00
修订时间 :2008-09-10 15:22:02

[原文]Directory traversal vulnerability in the view-source sample file in Apache Software Foundation Cocoon 2.1 and 2.2 allows remote attackers to access arbitrary files via a .. (dot dot) in the filename parameter.

[CNNVD]Apache Cocoon远程目录遍历漏洞(CNNVD-200312-086)

        Apache Cocoon是一款基于XML的内容管理系统。
        Apache Cocoon的样本文件存在目录遍历问题,远程攻击者可以利用这个漏洞以WEB权限查看系统任意文件内容。
        Apache Cocoon包含的view-source脚本对用户提交的'filename'参数缺少充分过滤,攻击者提交包含多个'../'的数据,可绕过WEB ROOT限制,以WEB权限查看系统任意文件内容。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:apache:cocoon:2.2Apache Software Foundation Cocoon 2.2
cpe:/a:apache:cocoon:2.1Apache Software Foundation Cocoon 2.1
cpe:/a:apache:cocoon:2.1.2Apache Software Foundation Cocoon 2.1.2

- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(UNKNOWN)  XF  apachecocoon-directory-traversal-bootini(13499)
(UNKNOWN)  BID  8883

- 漏洞信息

Apache Cocoon远程目录遍历漏洞
中危 访问验证错误
2003-12-31 00:00:00 2005-10-20 00:00:00
        Apache Cocoon是一款基于XML的内容管理系统。
        Apache Cocoon的样本文件存在目录遍历问题,远程攻击者可以利用这个漏洞以WEB权限查看系统任意文件内容。
        Apache Cocoon包含的view-source脚本对用户提交的'filename'参数缺少充分过滤,攻击者提交包含多个'../'的数据,可绕过WEB ROOT限制,以WEB权限查看系统任意文件内容。

- 公告与补丁

        Apache Software Foundation
        2003/10/22之后的Apache Cocoon version 2.1和2003/10/22之后的的Apache Cocoon version 2.2不存在此漏洞,请下载使用:

- 漏洞信息 (23282)

Apache Cocoon 2.14/2.2 Directory Traversal Vulnerability (EDBID:23282)
multiple remote
2003-10-24 Verified
0 Thierry De Leeuw
N/A [点击下载]

It has been reported that Apache Cocoon may be prone to a directory traversal vulnerability that may allow an attacker to traverse outside the server root directory by using '/./../' character sequences. The issue is caused by insufficient sanitization of user-supplied input to the "filename" parameter in the sample "view-source" script.

This vulnerability may be successfully exploited to gain sensitive information about a vulnerable host that could be used to launch further attacks against the system.

Apache Cocoon version 2.1 and 2.2 before 22 Oct 2003 have been reported to be affected by this issue, however other versions may be affected as well.[existing_file] 		

- 漏洞信息

Apache Cocoon view-source Sample File Traversal Arbitrary File Access
Input Manipulation
Vendor Verified

- 漏洞描述

Apache Cocoon contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a directory traversal attack on a sample script occurs, which will disclose filesystem file information resulting in a loss of confidentiality.

- 时间线

2003-10-20 2003-10-20
2003-10-20 Unknow

- 解决方案

Upgrade to version 2.1 or 2.2 (Development) after 22 Oct 2003 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s): remove all sample scripts, especially the view-source script.

- 相关参考

- 漏洞作者

Unknown or Incomplete