漏洞信息详情
Stronghold安全Web服务器信息泄漏漏洞
- CNNVD编号:CNNVD-200111-042
- 危害等级: 中危
![图片[1]-Stronghold安全Web服务器信息泄漏漏洞-一一网](https://www.proyy.com/skycj/data/images/2021-05-11/30f462579bec41fc25e0b1d57503e6d6.png)
- CVE编号:
CVE-2001-0868
- 漏洞类型:
配置错误
- 发布时间:
2001-11-28
- 威胁类型:
远程
- 更新时间:
2005-10-20
- 厂 商:
redhat - 漏洞来源:
Discovered by Mada… -
漏洞简介
Red Hat Stronghold 2.3至3.0版本存在漏洞。远程攻击者可以借助对(1) stronghold-info或(2)stronghold-status的HTTP GET请求收回系统信息。
漏洞公告
This issue has been patched in build 3015 of Stronghold.
The Stronghold Administration guide suggests making the following changes to httpd.conf to deny access to outside parties:
To do this, locate the following container in httpd.conf
SetHandler server-status
Add the following inside the container:
order deny,allow
deny from all
allow from .your.domain
参考网址
来源: BUGTRAQ
名称: 20011123 Redhat Stronghold Secure Server File System Disclosure Vulnerability
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=100654958131854&w=2
来源: XF
名称: stronghold-webserver-obtain-information(7582)
链接:http://xforce.iss.net/static/7582.php
来源: BID
名称: 3577
链接:http://www.securityfocus.com/bid/3577
![[桜井宁宁]COS和泉纱雾超可爱写真福利集-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/4d3cf227a85d7e79f5d6b4efb6bde3e8.jpg)
![[桜井宁宁] 爆乳奶牛少女cos写真-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/d40483e126fcf567894e89c65eaca655.jpg)
