qwqdanchun
/
Goby
mirror of https://github.com/qwqdanchun/Goby.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Goby/json/Apache-2.4.49-Path-Traversa...

140 lines
6.0 KiB
JSON
Raw Normal View History

auto
2022-11-25 02:08:58 -08:00
{
"Name": "Apache 2.4.49 Path Traversal (CVE-2021-41773)",
"Description": "<p>Apache is a web server software.</p><p>A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by \"require all denied\" these requests can succeed. Additionally this flaw could leak the source of interpreted files like CGI scripts.</p>",
"Product": "Apache",
"Homepage": "https://apache.org/",
"DisclosureDate": "2021-10-06",
"Author": "1291904552@qq.com",
"FofaQuery": "banner=\"apache/2.4.49\"",
"GobyQuery": "banner=\"apache/2.4.49\"",
"Level": "2",
"Impact": "<p>A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by \"require all denied\" these requests can succeed. Additionally this flaw could leak the source of interpreted files like CGI scripts.</p>",
"Translation": {
"CN": {
"Name": "Apache 2.4.49版本目录穿越漏洞CVE-2021-41773",
"VulType": [
"目录遍历"
],
"Tags": [
"目录遍历"
],
"Description": "<p>Apache是一款Web服务器软件。</p><p>在 Apache HTTP Server 2.4.49 中对路径规范化所做的更改中发现了一个缺陷。 攻击者可以使用目录穿越攻击将 URL 映射到预期文档根目录之外的文件。 如果文档根目录之外的文件不受“要求全部拒绝”的保护,则这些请求可能会成功。 此外,此缺陷可能会泄漏 CGI 脚本等解释文件的来源。</p>",
"Impact": "<p>在 Apache HTTP Server 2.4.49 中对路径规范化所做的更改中发现了一个缺陷。 攻击者可以使用目录穿越攻击将 URL 映射到预期文档根目录之外的文件。 如果文档根目录之外的文件不受“要求全部拒绝”的保护,则这些请求可能会成功。 此外,此缺陷可能会泄漏 CGI 脚本等解释文件的来源。</p>",
"Product": "Apache",
"Recommendation": "<p>⼚商已发布了漏洞修复程序,请及时关注更新: <a href=\"https://httpd.apache.org/security/vulnerabilities_24.html\">https://httpd.apache.org/security/vulnerabilities_24.html</a></p>"
},
"EN": {
"Name": "Apache 2.4.49 Path Traversal (CVE-2021-41773)",
"VulType": [
"path-traversal"
],
"Tags": [
"path-traversal"
],
"Description": "<p>Apache is a web server software.</p><p>A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by \"require all denied\" these requests can succeed. Additionally this flaw could leak the source of interpreted files like CGI scripts.</p>",
"Impact": "<p>A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by \"require all denied\" these requests can succeed. Additionally this flaw could leak the source of interpreted files like CGI scripts.</p>",
"Product": "Apache",
"Recommendation": "<p>The vendor has released a bug fix, please pay attention to the update in time: <a href=\"https://httpd.apache.org/security/vulnerabilities_24.html\">https://httpd.apache.org/security/vulnerabilities_24.html</a></p><p>1. Set access policies and whitelist access through security devices such as firewalls.</p><p>2.Upgrade the Apache system version.</p>"
}
},
"References": [
"https://nvd.nist.gov/vuln/detail/CVE-2021-41773"
],
"HasExp": true,
"ExpParams": [
{
"name": "cmd",
"type": "input",
"value": "etc/passwd"
}
],
"ExpTips": null,
"ScanSteps": [
"AND",
{
"Request": {
"method": "GET",
"uri": "/test.php",
"follow_redirect": true,
"header": {},
"data_type": "text",
"data": ""
},
"ResponseTest": {
"type": "group",
"operation": "AND",
"checks": [
{
"type": "item",
"variable": "$code",
"operation": "==",
"value": "200",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "test",
"bz": ""
}
]
},
"SetVariable": []
}
],
"ExploitSteps": [
"AND",
{
"Request": {
"method": "GET",
"uri": "/test.php",
"follow_redirect": true,
"header": {},
"data_type": "text",
"data": ""
},
"ResponseTest": {
"type": "group",
"operation": "AND",
"checks": [
{
"type": "item",
"variable": "$code",
"operation": "==",
"value": "200",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "test",
"bz": ""
}
]
},
"SetVariable": []
}
],
"Tags": [
"path-traversal"
],
"VulType": ["path-traversal"],
"CVEIDs": [
"CVE-2021-41773"
],
"CVSSScore": "9.0",
"AttackSurfaces": {
"Application": null,
"Support": null,
"Service": null,
"System": [
"Apache"
],
"Hardware": null
},
"Recommendation": "<p>The vendor has released a bug fix, please pay attention to the update in time: <a href=\"https://httpd.apache.org/security/vulnerabilities_24.html\">https://httpd.apache.org/security/vulnerabilities_24.html</a></p>",
"CNNVD": [],
"CNVD": []
}