微慑信息网 (VulSee.com)

CVE-2008-1270 - Vulnerability Details

CVE-2008-1270
CVSS 5.0
Published: 2008-03-10 17:44:00
Last revised: 2011-03-07 22:06:26
NMCOPS    

[Original] mod_userdir in lighttpd 1.4.18 and earlier, when userdir.path is not set, uses a default of $HOME, which might allow remote attackers to read arbitrary files, as demonstrated by accessing the ~nobody directory.


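[CNNVD] Lighttpd 'mod_userdir' Information Disclosure Vulnerability (CNNVD-200803-148)

        lighttpd is a very popular open-source web server.


        When userdir.path is not set, mod_userdir in lighttpd uses the default of $HOME, and remote attackers can read arbitrary files, for example by accessing the nobody directory.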


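CVSS (Base score)

CVSS score: 5 [MEDIUM]
Confidentiality impact: PARTIAL [information disclosure is likely]
Integrity impact: NONE [no impact on system integrity]
Availability impact: NONE [no impact on system availability]
Attack complexity: LOW [no access restrictions apply to exploitation]
Attack vector: NETWORK [the attacker does not need internal-network or local access]
Authentication: NONE [exploitation requires no authentication]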


CWE (Weakness category)

CWE-200 [Information Exposure]


CPE (Affected platforms and products)

Product and version information (CPE) is not yet available


OVAL (Technical details for detection)

oval:org.mitre.oval:def:7897 DSA-1521 lighttpd — file disclosure
*OVAL describes in detail how to detect this vulnerability; you can find more technical details for detecting it in the related OVAL definitions.


Official database links

MITRE (official data source)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1270

NVD (official data source)
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1270

CNNVD (official data source)
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200803-148


Other links and resources

(UNKNOWN)  CONFIRM  https://issues.rpath.com/browse/RPL-2344
(UNKNOWN)  CONFIRM  https://bugs.gentoo.org/show_bug.cgi?id=212930
(UNKNOWN)  XF  lighttpd-moduserdir-information-disclosure(41173)  http://xforce.iss.net/xforce/xfdb/41173
(UNKNOWN)  VUPEN  ADV-2008-0885  http://www.vupen.com/english/advisories/2008/0885/references
(UNKNOWN)  BID  28226  http://www.securityfocus.com/bid/28226
(UNKNOWN)  BUGTRAQ  20080312 rPSA-2008-0106-1 lighttpd  http://www.securityfocus.com/archive/1/archive/1/489465/100/0/threaded
(UNKNOWN)  CONFIRM  http://www.lighttpd.net/security/lighttpd_sa_2008_03.txt
(UNKNOWN)  CONFIRM  http://www.lighttpd.net/2008/3/10/1-4-19-made-in-germany
(UNKNOWN)  DEBIAN  DSA-1521  http://www.debian.org/security/2008/dsa-1521
(UNKNOWN)  MISC  http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0106
(UNKNOWN)  CONFIRM  http://trac.lighttpd.net/trac/ticket/1587
(UNKNOWN)  GENTOO  GLSA-200804-08  http://security.gentoo.org/glsa/glsa-200804-08.xml
(VENDOR_ADVISORY)  SECUNIA  29636  http://secunia.com/advisories/29636
(VENDOR_ADVISORY)  SECUNIA  29622  http://secunia.com/advisories/29622
(VENDOR_ADVISORY)  SECUNIA  29403  http://secunia.com/advisories/29403
(VENDOR_ADVISORY)  SECUNIA  29318  http://secunia.com/advisories/29318
(UNKNOWN)  SUSE  SUSE-SR:2008:008  http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html


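Vulnerability information

Lighttpd 'mod_userdir' Information Disclosure Vulnerability
Medium risk  Information disclosure
2008-03-10 00:00:00 2008-09-05 00:00:00
Remote
        lighttpd is a very popular open-source web server.


        When userdir.path is not set, mod_userdir in lighttpd uses the default of $HOME, and remote attackers can read arbitrary files, for example by accessing the nobody directory.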


Advisories and patches

        The vendor has released an upgrade patch to fix this security issue. Patch download link:


        lighttpd lighttpd 1.4


        lighttpd lighttpd-1.4.19.tar.gz


        http://www.lighttpd.net/download/lighttpd-1.4.19.tar.gz


Vulnerability information (F65410)

Gentoo Linux Security Advisory 200804-8 (PacketStormID:F65410)

2008-04-10 00:00:00
Gentoo  security.gentoo.org

advisory

linux,gentoo

CVE-2008-1270,CVE-2008-1531


Gentoo Linux Security Advisory GLSA 200804-08 – Julien Cayzac discovered that an insecure default setting exists in mod_userdir in lighttpd. When userdir.path is not set the default value used is $HOME. It should be noted that the nobody user's $HOME is / (CVE-2008-1270). An error also exists in the SSL connection code which can be triggered when a user prematurely terminates his connection (CVE-2008-1531). Versions less than 1.4.19-r2 are affected.


Vulnerability information (F64629)

Debian Linux Security Advisory 1521-1 (PacketStormID:F64629)

2008-03-17 00:00:00
Debian  debian.org

advisory,arbitrary

linux,debian

CVE-2008-1270


Debian Security Advisory 1521-1 – Julien Cayzac discovered that under certain circumstances lighttpd, a fast webserver with minimal memory footprint, might allow the reading of arbitrary files from the system. This problem could only occur with a non-standard configuration.


Vulnerability information


43170
lighttpd mod_userdir userdir.path Information Disclosure

Information Disclosure
Loss of Confidentiality
Vendor Verified


Vulnerability description


Timeline


2008-02-28

Unknown
Unknown Unknown


Solution

Upgrade to version 1.4.19 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.


Related references


Vulnerability author

Unknown or Incomplete


Vulnerability information

Lighttpd mod_userdir Information Disclosure Vulnerability

Failure to Handle Exceptional Conditions

28226
Yes No
2008-03-12 12:00:00 2008-04-16 12:28:00

[email protected] discovered this issue.


Affected software versions

SuSE SUSE Linux Enterprise SDK 10

S.u.S.E. openSUSE 10.3

S.u.S.E. openSUSE 10.2

S.u.S.E. Linux 10.1 x86-64

S.u.S.E. Linux 10.1 x86

S.u.S.E. Linux 10.1 ppc

rPath rPath Linux 1

lighttpd lighttpd 1.4.18

lighttpd lighttpd 1.4.17

lighttpd lighttpd 1.4.16

lighttpd lighttpd 1.4.15

lighttpd lighttpd 1.4.14

lighttpd lighttpd 1.4.13

lighttpd lighttpd 1.4.12

lighttpd lighttpd 1.4.11

lighttpd lighttpd 1.4.10

lighttpd lighttpd 1.4.9

lighttpd lighttpd 1.4.8

lighttpd lighttpd 1.4.7

lighttpd lighttpd 1.4.6

lighttpd lighttpd 1.4.5

lighttpd lighttpd 1.4.4

lighttpd lighttpd 1.4.3

lighttpd lighttpd 1.4.2

lighttpd lighttpd 1.4.1

lighttpd lighttpd 1.4

lighttpd lighttpd 1.4.10a

Gentoo Linux

Debian Linux 4.0 sparc

Debian Linux 4.0 s/390

Debian Linux 4.0 powerpc

Debian Linux 4.0 mipsel

Debian Linux 4.0 mips

Debian Linux 4.0 m68k

Debian Linux 4.0 ia-64

Debian Linux 4.0 ia-32

Debian Linux 4.0 hppa

Debian Linux 4.0 arm

Debian Linux 4.0 amd64

Debian Linux 4.0 alpha

Debian Linux 4.0

lighttpd lighttpd 1.4.19


Unaffected software versions

lighttpd lighttpd 1.4.19


Vulnerability discussion

The 'lighttpd' program is prone to a vulnerability that may allow attackers to access sensitive information because the application fails to properly handle exceptional conditions.



Information obtained may aid in further attacks.



This issue affects lighttpd 1.4.18; other versions may also be vulnerable.


Exploit

To exploit this vulnerability, attackers can use a browser.



The following example URI is available:



http://www.example.com/~nobody/etc/passwd


Solution

The vendor has released lighttpd 1.4.19 to address this issue. Please see the references for more information.







Related references
