漏洞信息详情
Bajie Webserver文件读取漏洞
- CNNVD编号:CNNVD-200010-009
- 危害等级: 中危
- CVE编号:
CVE-2000-0773
- 漏洞类型:
路径遍历
- 发布时间:
2000-10-20
- 威胁类型:
远程
- 更新时间:
2005-10-12
- 厂 商:
bajie - 漏洞来源:
First posted to Bu… -
漏洞简介
Bajie HTTP web server 0.30a版本存在漏洞。远程攻击者借助包含\”….\”即多个点点目录遍历攻击的URL读取任意文件。
漏洞公告
The vendor has addressed this issue in Bajie Java HTTP versions 0.94 and later.
Bajie Java HTTP Server 0.90
-
Bajie Java HTTP Server 0.95d
http://www.utdallas.edu/~gxz014000/websrv/httpsrv.95d.zip
Bajie Java HTTP Server 0.92 g
-
Bajie Java HTTP Server 0.95d
http://www.utdallas.edu/~gxz014000/websrv/httpsrv.95d.zip
Bajie Java HTTP Server 0.92
-
Bajie Java HTTP Server 0.95d
http://www.utdallas.edu/~gxz014000/websrv/httpsrv.95d.zip
Bajie Java HTTP Server 0.93
-
Bajie Java HTTP Server 0.95d
http://www.utdallas.edu/~gxz014000/websrv/httpsrv.95d.zip
参考网址
来源: XF
名称: bajie-view-arbitrary-files(5021)
链接:http://xforce.iss.net/xforce/xfdb/5021
来源: BID
名称: 1522
链接:http://www.securityfocus.com/bid/1522
来源: BUGTRAQ
名称: 20000731 Two security flaws in Bajie Webserver
链接:http://archives.neohapsis.com/archives/bugtraq/2000-07/0426.html
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END