Vulnerability Details
Cobalt RaQ .bash_history Vulnerability
- CNNVD ID: CNNVD-199902-055
- Severity: Critical
- CVE ID: CVE-1999-0408
- Vulnerability type: Design error
- Published: 1999-02-25
- Threat type: Remote
- Updated: 2006-08-28
- Vendor: sun
- Vulnerability source: A security notice …
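Vulnerability Summary
Cobalt RaQ microservers contain a vulnerability: files created by interactive shell sessions (such as .bash_history) are world-readable and can therefore be accessed through the web server.
Vulnerability Advisory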
Cobalt released a patch for this problem obtainable at ftp://ftp.cobaltnet.com/pub/security.
In addition to installing this patch, one should add the following to /etc/profile:
    touch "$HISTFILE"
    chmod 600 "$HISTFILE"
For added security, one could change the HISTFILE variable itself.
Apache, the web server installed on Cobalt RaQs, can address the problem as well if the following is added to the Apache configuration:
    <Files ".bash_history">
        order allow,deny
        deny from all
    </Files>
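An audit that complements the fix above, as an added example (not part of the original advisory or of Cobalt's patch): it lists shell history files under a directory tree that are still group- or world-readable and applies the advisory's chmod 600 to them. The function names, the extra history file names (.sh_history, .history) and the /home/sites path in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example: find and lock down shell history files that other
# accounts (including the web server's) can read. All names are hypothetical.

# _history_find ROOT ACTION...
# Run find over ROOT for history files readable by group or others,
# then apply the given find action (-print, -exec ...).
_history_find() {
    root=$1
    shift
    find "$root" -xdev -type f \
        \( -name .bash_history -o -name .sh_history -o -name .history \) \
        \( -perm -040 -o -perm -004 \) \
        "$@" 2>/dev/null
}

# list_exposed_history ROOT
# Print one path per line for every exposed history file under ROOT.
list_exposed_history() {
    _history_find "$1" -print
}

# lock_down_history ROOT
# Apply the advisory's "chmod 600" to every exposed file and print
# how many files were changed.
lock_down_history() {
    n=$(list_exposed_history "$1" | wc -l)
    _history_find "$1" -exec chmod 600 {} +
    echo $((n))
}

# Usage: sh audit_history.sh /home/sites      (report only)
#        sh audit_history.sh /home/sites fix  (report, then chmod 600)
if [ $# -gt 0 ]; then
    list_exposed_history "$1"
    if [ "${2:-}" = "fix" ]; then
        echo "fixed: $(lock_down_history "$1")"
    fi
fi
```

Run it against the web document tree after installing the patch; an empty report means no history file there is readable by group or others.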
References
Source: BID
Name: 337
Link: http://www.securityfocus.com/bid/337
Affected Entities