https://www.exploit-db.com/exploits/21610
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200210-157

Suni-Runbook是一款设计用于为SUN环境提供基于WEB的技术和管理规程的系统，i-Runbook提供WEB接口。Suni-Runbook的WEB接口对用户提交的URL请求缺少正确过滤，远程攻击者可以利用此漏洞提交畸形URL请求以WEB进程的权限查看系统中任意文件内容。Suni-Runbook包含的none.php脚本对用户提交的数据缺少正确处理，攻击者可以提交包含多个”..:..”字符，并追加想要查看的系统文件名或目录，服务程序在解析这个请求时由于处理错误会返回包含请求文件和目录的信息；另外，通过直接请求相关的系统文件名或者目录，服务程序也会直接返回文件或目录内容。

source: http://www.securityfocus.com/bid/5209/info

Sun i-Runbook is a single point of technical and administration management for Sun production environments. i-Runbook provides a web interface.

i-Runbook can be led to disclose the contents of a known resource. This is accomplished by submitting a specially crafted request with the absolute path to a known directory or file.

This issue could result in the disclosure of sensitive information. 

http://<Serverip:port>/content/base/build/explorer/none.php?..:..:..:..:..:.
.:..:etc:passwd:

or

http://<Serverip:port>/content/base/build/explorer/none.php?/etc/passwd

来源:BID
名称:5209
链接:http://www.securityfocus.com/bid/5209
来源:XF
名称:sun-irunbook-information-disclosure(9549)
链接:http://www.iss.net/security_center/static/9549.php
来源:BUGTRAQ
名称:20020711PortcullisSecurityAdvisory-DirectoryTraversalVulnerabilityinSunPSiRunbook2.5.2
链接:http://online.securityfocus.com/archive/1/281786