CVE-2004-1678
CVSS5.0
发布时间 :2004-09-13 00:00:00
修订时间 :2016-10-17 22:58:59
NMCOES    

[原文]Directory traversal vulnerability in pdesk.cgi in PerlDesk allows remote attackers to read portions of arbitrary files and possibly execute arbitrary Perl modules via ".." sequences terminated by a %00 (null) character in the lang parameter, which can leak portions of the requested files if a compilation error message occurs.


[CNNVD]PerlDesk Language Variable Server-Side 脚本执行漏洞(CNNVD-200409-028)

        PerlDesk的pdesk.cgi存在目录遍历漏洞。远程攻击者借助“..”序列lang参数以%00 (空值)字符终结的“..”序列读取部分任意文件和可能执行任意Perl模块,该漏洞在编译消息出错发生时泄露部分请求文件。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1678
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-1678
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200409-028
(官方数据源) CNNVD

- 其它链接及资源

http://marc.info/?l=bugtraq&m=109509026406554&w=2
(UNKNOWN)  BUGTRAQ  20040912 Posible Inclusion File in Perl Desk
http://www.securityfocus.com/bid/11160
(VENDOR_ADVISORY)  BID  11160
http://xforce.iss.net/xforce/xfdb/19712
(VENDOR_ADVISORY)  XF  perldesk-directory-traversal(19712)

- 漏洞信息

PerlDesk Language Variable Server-Side 脚本执行漏洞
中危 路径遍历
2004-09-13 00:00:00 2005-10-20 00:00:00
远程  
        PerlDesk的pdesk.cgi存在目录遍历漏洞。远程攻击者借助“..”序列lang参数以%00 (空值)字符终结的“..”序列读取部分任意文件和可能执行任意Perl模块,该漏洞在编译消息出错发生时泄露部分请求文件。

- 公告与补丁

        Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com .

- 漏洞信息 (24591)

PerlDesk Language Variable Server-Side Script Execution Vulnerability (EDBID:24591)
cgi webapps
2004-09-13 Verified
0 Nikyt0x Argentina
N/A [点击下载]
source: http://www.securityfocus.com/bid/11160/info

It is reported that PerlDesk is susceptible to a server-side script execution vulnerability.

This vulnerability may be exploited to execute the contents of Perl scripts contained on the affected server filesystem. This will execute script code in the context of the affected CGI application, typically with the privileges of the web server process.

If a remote attacker does not have access to the affected server in a manner sufficient to place malicious a Perl script to exploit this vulnerability, they may still exploit it for information disclosure purposes. Error messages that will reportedly be displayed when PerlDesk attempts to include files requested by the attacker may contain potentially sensitive information. With sufficient knowledge of the affected system, an attacker may also cause other preexisting scripts to be executed that may also aid them in further attacks.

This vulnerability may aid the attacker in further application, or system attacks.

Http://www.example.com/cgi-bin/pdesk.cgi?lang=h4x0rs%20Rul3z
Http://www.example.com/cgi-bin/pdesk.cgi?lang=../../../../../../../proc/version%00		

- 漏洞信息

9954
PerlDesk pdesk.cgi lang Parameter Traversal Arbitrary File Access
Remote / Network Access Information Disclosure, Input Manipulation
Loss of Confidentiality
Exploit Public

- 漏洞描述

PerlDesk contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the pdesk.cgi script not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the 'lang' variable.

- 时间线

2004-09-12 Unknow
2004-09-12 Unknow

- 解决方案

Upgrade to version 2 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround: 1.) Download pdeskcgi.txt and kbcgi.txt from vendor's site 2.) Rename these files to kb.cgi and pdesk.cgi (removing the .txt) and upload them to your existing installing in ASCII mode.

- 相关参考

- 漏洞作者

- 漏洞信息

PerlDesk Language Variable Server-Side Script Execution Vulnerability
Input Validation Error 11160
Yes No
2004-09-13 12:00:00 2009-07-12 07:06:00
Nikyt0x Argentina <nikyt0x@hotmail.com> disclosed this vulnerability.

- 受影响的程序版本

logicNow PerlDesk 0

- 漏洞讨论

It is reported that PerlDesk is susceptible to a server-side script execution vulnerability.

This vulnerability may be exploited to execute the contents of Perl scripts contained on the affected server filesystem. This will execute script code in the context of the affected CGI application, typically with the privileges of the web server process.

If a remote attacker does not have access to the affected server in a manner sufficient to place malicious a Perl script to exploit this vulnerability, they may still exploit it for information disclosure purposes. Error messages that will reportedly be displayed when PerlDesk attempts to include files requested by the attacker may contain potentially sensitive information. With sufficient knowledge of the affected system, an attacker may also cause other preexisting scripts to be executed that may also aid them in further attacks.

This vulnerability may aid the attacker in further application, or system attacks.

- 漏洞利用

An exploit is not required. Example URIs sufficient to exploit this vulnerability have been provided:

Http://www.example.com/cgi-bin/pdesk.cgi?lang=h4x0rs%20Rul3z
Http://www.example.com/cgi-bin/pdesk.cgi?lang=../../../../../../../proc/version%00

- 解决方案

Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站