CVE-2004-2061
CVSS 7.5
Published: 2004-07-27 00:00:00
Last revised: 2016-10-17 23:05:48

[Original] RiSearch 1.0.01 and RiSearch Pro 3.2.06 allows remote attackers to use the show.pl script as an open proxy, or read arbitrary local files, by setting the url parameter to a (1) http://, (2) ftp://, or (3) file:// URL.


[CNNVD] Multiple security vulnerabilities in RiSearch and RiSearch Pro (CNNVD-200407-092)

        
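        RiSearch (Pro) Suite is a Perl script for searching web sites.
        RiSearch (Pro) has multiple security issues. Remote attackers can exploit them to reach arbitrary ports over FTP or HTTP and/or to view the contents of arbitrary files on the system with the privileges of the web server.
        The show.pl script included in RiSearch (Pro) does not sufficiently filter user-supplied parameters, so an attacker can manipulate the URI variable to request other sites, ports and files. In addition, the 'file' parameter is not sufficiently filtered: when a local system file is submitted as the parameter, it is read with the privileges of the web process and returned to the attacker.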
        

- CVSS (base score)

CVSS score: 7.5 [Severe (HIGH)]
Confidentiality impact: [--]
Integrity impact: [--]
Availability impact: [--]
Attack complexity: [--]
Attack vector: [--]
Authentication: [--]

- CPE (affected platforms and products)

cpe:/a:risearch_software:risearch:0.99.1
cpe:/a:risearch_software:risearch:0.99.2
cpe:/a:risearch_software:risearch:0.99.3
cpe:/a:risearch_software:risearch_pro:3.2.6
cpe:/a:risearch_software:risearch:0.99.8
cpe:/a:risearch_software:risearch:0.99.4
cpe:/a:risearch_software:risearch:0.99.5
cpe:/a:risearch_software:risearch:0.99.6
cpe:/a:risearch_software:risearch:0.99.7

- OVAL (technical details for detection)

No related OVAL definitions found

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2061
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-2061
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200407-092
(Official data source) CNNVD

- Other links and resources

http://marc.info/?l=bugtraq&m=109095196526490&w=2
(UNKNOWN)  BUGTRAQ  20040727 IRM 009: RiSearch and RiSearch ProPro are vulnerable to open FTP/HTTP proxy, directory listings and file disclosure vulnerabilities
http://securitytracker.com/id?1010788
(UNKNOWN)  SECTRACK  1010788
http://www.securityfocus.com/bid/10812
(VENDOR_ADVISORY)  BID  10812
http://xforce.iss.net/xforce/xfdb/16817
(VENDOR_ADVISORY)  XF  risearch-show-open-proxy(16817)

- Vulnerability information

Multiple security vulnerabilities in RiSearch and RiSearch Pro
High risk  Input validation
2004-07-27 00:00:00 2005-10-20 00:00:00
Remote
        
        

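- Advisories and patches

        Vendor patch:
        RiSearch Software
        -----------------
        The vendor has not yet provided a patch or upgrade. We recommend that users of this software watch the vendor's home page for the latest version: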
        
        http://www.risearch.org

- Vulnerability information (24326)

RiSearch 0.99 /RiSearch Pro 3.2.6 show.pl Open Proxy Relay (EDBID:24326)
cgi remote
2004-07-27 Verified
0 Phil Robinson
N/A
source: http://www.securityfocus.com/bid/10812/info

RiSearch and RiSearch Pro are reported prone to an open proxy vulnerability. It is reported that the issue presents itself due to a lack of sufficient sanitization performed on user supplied URI parameters.

A remote attacker may exploit this condition in order to launch attacks against local and public services in the context of the site that is hosting the vulnerable script.

http://www.example.com/cgi-bin/search/show.pl?url=http://www.google.com
http://www.example.com/cgi-bin/search/show.pl?url=http://192.168.0.1
http://www.example.com/cgi-bin/search/show.pl?url=http://localhost:8080
http://www.example.com/cgi-bin/search/show.pl?url=ftp://192.168.0.1
http://www.example.com/cgi-bin/search/show.pl?url=ftp://username:password@192.168.0.1
		

- Vulnerability information (24327)

RiSearch 0.99 /RiSearch Pro 3.2.6 show.pl Arbitrary File Access (EDBID:24327)
cgi remote
2004-07-27 Verified
0 Phil Robinson
N/A
source: http://www.securityfocus.com/bid/10812/info
 
RiSearch and RiSearch Pro are reported prone to an open proxy vulnerability. It is reported that the issue presents itself due to a lack of sufficient sanitization performed on user supplied URI parameters.
 
A remote attacker may exploit this condition in order to launch attacks against local and public services in the context of the site that is hosting the vulnerable script.

http://www.example.com/cgi-bin/search/show.pl?url=file:/etc/passwd		

- Vulnerability information

8265
RiSearch show.pl Open Proxy Relay
Remote / Network Access Input Manipulation
Loss of Integrity
Exploit Public

- Vulnerability description

RiSearch contains a flaw that may allow a malicious user to use the server as a proxy. The issue is triggered by the lack of validation of the url variable which is passed to show.pl. It is possible that the flaw may allow open relay access resulting in a loss of integrity.
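
One way to look for this condition in web server access logs, as an added example that is not part of the original entries: it flags show.pl requests whose url parameter carries one of the three schemes named in the CVE text, including percent-encoded and mixed-case forms. The Combined Log Format input, the function names and the sample lines are assumptions made for illustration.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Client, request target and status from a Common/Combined Log Format line.
LOG_RE = re.compile(r'^(\S+) .*?"[A-Z]+ (\S+) HTTP/[\d.]+" (\d{3})')

# Schemes named in the CVE text, mapped to the abuse class they enable.
SCHEMES = {"http": "open-proxy", "ftp": "open-proxy", "file": "local-file-read"}


def classify(line):
    """Return a finding for a show.pl request whose url parameter carries
    one of the listed schemes, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    client, target, status = m.groups()
    try:
        req = urlsplit(target)
        if not req.path.lower().endswith("/show.pl"):
            return None
        # parse_qs percent-decodes, so url=FTP%3A%2F%2F... is caught too.
        for value in parse_qs(req.query).get("url", []):
            dest = urlsplit(value.strip())
            kind = SCHEMES.get(dest.scheme)  # urlsplit lowercases the scheme
            if kind:
                # Record host or path only, never embedded credentials.
                where = dest.hostname or dest.path
                return {"client": client, "kind": kind, "dest": where, "status": int(status)}
    except ValueError:  # malformed URL, e.g. unbalanced IPv6 brackets
        return None
    return None


def scan(lines):
    """Classify every log line and keep only the findings."""
    return [f for f in map(classify, lines) if f]


# Constructed sample log lines (documentation addresses, not real traffic).
_TS = "[27/Jul/2004:10:00:00 +0000]"
SAMPLE = [
    f'203.0.113.7 - - {_TS} "GET /cgi-bin/search/show.pl?url=http://localhost:8080 HTTP/1.0" 200 512',
    f'203.0.113.7 - - {_TS} "GET /cgi-bin/search/show.pl?url=FTP%3A%2F%2Fusername%3Apassword%40192.168.0.1 HTTP/1.0" 200 90',
    f'203.0.113.9 - - {_TS} "GET /cgi-bin/search/show.pl?url=file:/etc/passwd HTTP/1.0" 200 1337',
    f'198.51.100.4 - - {_TS} "GET /cgi-bin/search/show.pl?url=docs/index.html HTTP/1.0" 200 2048',
    f'198.51.100.4 - - {_TS} "GET /cgi-bin/search/search.pl?q=proxy HTTP/1.0" 200 2048',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

A 200 status on a flagged request indicates the script returned content for the requested destination, so those findings deserve review first.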

- Timeline

2004-07-27 2004-07-06
2004-07-27 Unknown

- Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

- Related references

- Vulnerability author

 

 
