IBM Lotus Domino HTTP webadmin.nsf Remote Directory Traversal Vulnerability

Vulnerability ID: 1107822    Type: Input validation
Published: 2004-03-17    Updated: 2005-10-20
CVE: CVE-2004-2311
CNNVD-ID: CNNVD-200412-188
Platform: Windows    CVSS score: 3.6
|Source
https://www.exploit-db.com/exploits/23836
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200412-188
|Details
Lotus Domino is a Web-based collaboration application server that runs on Linux/Unix and Microsoft Windows. The server's webadmin.nsf does not sufficiently filter user-submitted requests, so a remote attacker can read arbitrary files on the system with the privileges of the server process. The server exposes an administrative interface through 'webadmin.nsf'; because the request that creates a new file or folder name is not adequately filtered, an attacker can supply a name containing multiple '../' sequences and, via directory traversal, reach arbitrary files on the system with the privileges of the web process.
|Exploit
source: http://www.securityfocus.com/bid/9900/info

It has been reported that Lotus Domino may be prone to a directory traversal vulnerability that may allow a remote attacker to access information outside the server root directory. The issue reportedly exists in the server's administrative interface accessed via 'webadmin.nsf'. The vulnerability may be exploited by a remote attacker by traversing outside the server root directory by using '../' directory traversal character sequences. Successful exploitation of this vulnerability may allow a remote attacker to gain access to sensitive information and/or modify the underlying file system.

IBM Lotus Domino server 6.5.1 has been reported to be prone to this issue, however, it is possible that other versions are affected as well.

1) Go to http://www.example.com/webadmin.nsf
2) Go to the "Files" tab
3) From the "Tools" menu, select to create a "new" folder
4) As the name of the new folder, enter "/../../../../../../pr00f"

or

"/../../../../windows/win.ini"
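The missing check that the advisory describes is a containment test on the new folder name. The example below is added here to show that check; it is not Lotus Domino's code and makes no claim about how the product handles the request. It assumes a hypothetical data directory (`SERVER_ROOT`), folds backslashes to '/' because the affected platform is Windows, and contrasts the common but bypassable "delete '../'" filter with canonicalising the path and comparing it against the root. The sample names are constructed from the two payloads above plus a legitimate name and a backslash variant.

```python
import posixpath
from typing import Dict, Iterable, Optional

# Assumed data directory for the illustration; not a path taken from the advisory.
SERVER_ROOT = "/opt/lotus/domino/data"


def naive_strip(name: str) -> str:
    """The kind of filter that does NOT work: a single pass deleting '../'.

    A name such as '....//....//etc/passwd' loses its inner '../' substrings
    and collapses into '../../etc/passwd', so the traversal survives the filter.
    """
    return name.replace("../", "")


def resolve_under_root(root: str, name: str) -> Optional[str]:
    """Return the canonical path of `name` inside `root`, or None if it escapes.

    - Leading slashes are dropped so the name is always relative to root
      (the advisory's payloads start with '/').
    - Backslashes are folded to '/' because Windows accepts both separators.
    - The joined path is canonicalised with normpath BEFORE the prefix check,
      so '..' segments are resolved rather than pattern-matched.
    """
    relative = name.replace("\\", "/").lstrip("/")
    root_norm = posixpath.normpath(root)
    candidate = posixpath.normpath(posixpath.join(root_norm, relative))
    if candidate == root_norm or candidate.startswith(root_norm + "/"):
        return candidate
    return None


def classify(names: Iterable[str]) -> Dict[str, str]:
    """Label each requested folder name as 'allowed' or 'rejected' (escapes root)."""
    return {
        n: "allowed" if resolve_under_root(SERVER_ROOT, n) is not None else "rejected"
        for n in names
    }


if __name__ == "__main__":
    # Constructed sample requests: the advisory's two payloads, a backslash
    # variant of the second, and a legitimate folder name.
    samples = [
        "/../../../../../../pr00f",
        "/../../../../windows/win.ini",
        "..\\..\\..\\..\\windows\\win.ini",
        "reports/2004-q1",
    ]
    for name, verdict in classify(samples).items():
        print(f"{verdict:8} {name!r} -> {resolve_under_root(SERVER_ROOT, name)}")
    # Show why substring stripping is not a fix.
    evasive = "....//....//etc/passwd"
    print(f"naive_strip({evasive!r}) = {naive_strip(evasive)!r}")
```

The design point is canonicalise-then-compare: a real check must run on the server after the request is decoded, against the directory the process will actually use, and reject the request rather than silently rewriting the name.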
|References

Source: XF
Name: lotus-webadmin-file-disclosure (15504)
Link: http://xforce.iss.net/xforce/xfdb/15504
Source: BID
Name: 9900
Link: http://www.securityfocus.com/bid/9900
Source: SECUNIA
Name: 11143
Link: http://secunia.com/advisories/11143
Source: members.lycos.co.uk
Link: http://members.lycos.co.uk/r34ct/main/ibm_lotus_domino/lotus.txt
Source: NSFOCUS
Name: 6186
Link: http://www.nsfocus.net/vulndb/6186
