标题: Muster Render Farm Management System Arbitrary File Download
开发者: http://HdhCmsTestvvertex测试数据/muster. html
影响版本: Muster < 6.20 HdhCmsTest2cto测试数据
概述
Security-Assessment测试数据 has discovered a vulnerability with the Muster 6.1.6 web management server.
This issue #can be exploited by an unauthenticated user to gain full control of the web management interface,
and to send #arbitrary commands to all Muster clients.
测试
#It is possible to download any file on the Muster server by exploiting a vulnerability in the web server. By #using directory traversal characters (\..\..\) in the URL, it is possible to specify any file on the file #system to be served to the client. Exploitation of this vulnerability does not require authentication. The #table below includes an example HTTP Request that would allow the download of the [muster.db] SQLite database:
#Example of Malicious HTTP Request :
GET /a\..\..\muster.db
HTTP/1.1 Host: HdhCmsTest2cto测试数据
#This SQLite database contains a table with all users of the application together with base64-encoded #passwords. By retrieving this database or other similar configuration files, it is possible to gain #administrative access over the render farm.
解决方案
开发者已经出了补丁. Version 6.20搞定了这个问题
查看更多关于Muster Render Farm Management System任意文件下载及修复的详细内容...