MediaWiki远程任意脚本上传漏洞-安全小百科

MediaWiki远程任意脚本上传漏洞

漏洞ID	1108365	漏洞类型	输入验证
发布时间	2004-12-16	更新时间	2005-10-20
CVE编号	CVE-2004-1405	CNNVD-ID	CNNVD-200412-193
漏洞平台	PHP	CVSS评分	7.5

|漏洞来源

https://www.exploit-db.com/exploits/24994
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200412-193

|漏洞详情

MediaWiki1.3.8版本及之前版本在以Apachemod_mime方式使用时，不会正确地处理带有两个文件拓展名的文件，例如：.php.rar。远程攻击者可以上传和执行任意代码。

|漏洞EXP

source: http://www.securityfocus.com/bid/11985/info

MediaWiki is reported prone to a vulnerability that can allow a remote attacker to upload arbitrary PHP scripts to a vulnerable server. This issue results from insufficient sanitization of user-supplied input.

If successful, the attacker can execute arbitrary script code on a vulnerable server. This can lead to unauthorized access in the context of the application.

MediaWiki 1.3.8 and prior versions are affected by this issue. 

Script file name:
attack.php.rar

|参考资料

来源:BID
名称:11985
链接:http://www.securityfocus.com/bid/11985
来源:wikipedia.sourceforge.net
链接:http://wikipedia.sourceforge.net/
来源:BUGTRAQ
名称:20041216STGSecurityAdvisory:[SSA-20041215-19]VulnerabilityofuploadingfileswithmultipleextensionsinMediaWiki
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=110321710420059&w;=2
来源:SECUNIA
名称:13478
链接:http://secunia.com/advisories/13478/

相关推荐: Caldera OpenLinux “help” Root User Vulnerability

Caldera OpenLinux “help” Root User Vulnerability 漏洞ID 1104762 漏洞类型 Unknown 发布时间 1999-05-08 更新时间 1999-05-08 CVE编号 N/A CNNVD-ID N/A …

文章版权归作者所有，未经允许请勿转载。

THE END