Oracle iPlanet Web Server | Multiple Security Vulnerabilities Advisory

Published 2020-05-12

0x00 Vulnerability Overview



Product                   | CVE ID        | Type | Severity | Remotely exploitable | Affected versions
--------------------------|---------------|------|----------|----------------------|----------------------------------
Oracle iPlanet Web Server | CVE-2020-9314 | I    | Medium   | Yes                  | Oracle iPlanet Web Server 7.0.x
Oracle iPlanet Web Server | CVE-2020-9315 |      | Medium   | Yes                  | Oracle iPlanet Web Server 7.0.x


0x01 Vulnerability Details




Oracle iPlanet Web Server (OiWS) is a web server from Oracle Corporation (United States) that is used mainly for medium-sized and large business applications.

Recently, researchers discovered two security vulnerabilities affecting Oracle iPlanet Web Server, tracked as CVE-2020-9314 and CVE-2020-9315. They can lead to injection attacks and to the disclosure of sensitive data.

CVE-2020-9314 is an injection vulnerability in the web administration console of Oracle iPlanet Web Server. The console's "productNameSrc" parameter allows an external image to be injected; used together with the "productNameHeight" and "productNameWidth" parameters, an external image can be placed on the site, which lends itself to phishing. The cause is an incomplete fix for CVE-2012-0516: the earlier fix added validation against the XSS issue, but added no validation to ensure that no external image is loaded.

The vulnerability can be verified by trying the following links:

http://[target]/admingui/version/Version?&productNameSrc=http://www.example.com/test.jpg&productNameHeight=500&productNameWidth=500

http://[target]/admingui/version/Masthead.jsp?productNameSrc=http://www.example.com/test.jpg&productNameHeight=500&productNameWidth=500
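The following is an added example, not code from this advisory, from Oracle or from the iPlanet product, showing the server-side check that the incomplete CVE-2012-0516 fix lacked: a validator for an image-source parameter such as productNameSrc that rejects any off-site reference (absolute, protocol-relative or percent-encoded traversal), plus bounded parsing of the height and width values and safe rendering of the resulting tag. IMAGE_PREFIX, the logo.gif fallback name and the function names are assumptions made for the example.

```python
import html
import posixpath
from urllib.parse import unquote, urlsplit

# Assumed directory under which the console's own masthead images live.
IMAGE_PREFIX = "/admingui/images/"
# Assumed name of the bundled logo used whenever a supplied value is rejected.
DEFAULT_IMAGE = IMAGE_PREFIX + "logo.gif"
ALLOWED_SUFFIXES = (".gif", ".png", ".jpg", ".jpeg")


def is_safe_image_src(value):
    """Accept only a same-origin, traversal-free image path under IMAGE_PREFIX.

    Rejects absolute URLs (http:, https:, data:, javascript:), protocol-relative
    URLs (//host/...), attribute-breaking and control characters, and any path
    that escapes IMAGE_PREFIX after percent-decoding and normalisation.
    """
    if not value or len(value) > 512:
        return False
    if any(ord(c) < 0x20 or c in '"\'<>`\\' for c in value):
        return False
    parts = urlsplit(value)
    # A scheme or host means the reference points off-site; queries and
    # fragments have no business in a static image path.
    if parts.scheme or parts.netloc or parts.query or parts.fragment:
        return False
    path = unquote(parts.path)
    if not path.startswith("/"):
        return False
    # Collapse "." and ".." segments, then confirm we are still under the prefix.
    normalized = posixpath.normpath(path)
    if not normalized.startswith(IMAGE_PREFIX):
        return False
    return normalized.lower().endswith(ALLOWED_SUFFIXES)


def checked_dimension(value, default=50, maximum=1000):
    """Parse a height/width parameter as an integer within [1, maximum]."""
    try:
        n = int(value)
    except (TypeError, ValueError):
        return default
    return n if 1 <= n <= maximum else default


def render_masthead_img(src, height, width):
    """Emit the <img> tag, substituting the bundled logo for any rejected source."""
    safe_src = src if is_safe_image_src(src) else DEFAULT_IMAGE
    return '<img src="%s" height="%d" width="%d">' % (
        html.escape(safe_src, quote=True),
        checked_dimension(height),
        checked_dimension(width),
    )


if __name__ == "__main__":
    # Constructed inputs: the advisory's example value and a local image.
    print(render_masthead_img("http://www.example.com/test.jpg", "500", "500"))
    print(render_masthead_img("/admingui/images/logo.gif", "60", "abc"))
```

The validator is an allow list rather than a block list: instead of looking for "http://", it only accepts a path that, after decoding and normalising, still sits under the console's own image directory. That is the property the original XSS-only validation did not establish.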

CVE-2020-9315 is a security vulnerability in the web administration console of Oracle iPlanet Web Server. It allows information to be read from any page of the console without authentication, which can expose sensitive server configuration data (including encryption keys, JVM settings and other data). This is done by rewriting the URL of any page in the administration console, as shown below:

http://[target]/admingui/admingui/*

http://[target]/admingui/version/*

The vulnerability can be verified by trying the following links:

http://[target]/admingui/version/

http://[target]/admingui/version/serverTasksGeneral?serverTasksGeneral.GeneralWebserverTabs.Tabhref=2


0x02 Remediation Recommendations


Because Oracle no longer supports Oracle iPlanet Web Server 7.0.x, no security patch is planned.

Workarounds:

The latest versions of Oracle GlassFish and Eclipse GlassFish share common code with iPlanet; they have been tested and are not affected by these vulnerabilities, so affected users are advised to download and use them instead.

Restrict access from the Internet to the web administration console of Oracle iPlanet Web Server, allowing only trusted IP addresses.
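As an added example, not part of this advisory and not an Oracle or iPlanet tool, the script below supports the access-restriction workaround and the injection issue described above: it reads web-server access log lines in Common Log Format and flags requests to the console routes the advisory names (/admingui/admingui/ and /admingui/version/) that arrive from outside an assumed trusted-address allow list, as well as any request whose productNameSrc value points off-site. The trusted networks, the sample log lines and the function names are constructed for the example.

```python
import ipaddress
import re

# Assumed allow list: only these networks should ever reach the admin console.
TRUSTED_NETS = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("192.168.1.0/24"),
]

# Console routes named in the advisory for CVE-2020-9315.
ADMIN_ROUTE = re.compile(r"^/admingui/(?:admingui|version)/")
# A productNameSrc value that starts with a scheme or a protocol-relative
# prefix points off-site (the CVE-2020-9314 pattern).
OFFSITE_IMAGE = re.compile(
    r"[?&]productNameSrc=(?:[a-z][a-z0-9+.-]*:|//|%2f%2f)", re.IGNORECASE
)

# Common Log Format: host ident authuser [date] "request" status bytes
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[[^\]]*\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def is_trusted(ip_text):
    """True when the client address falls inside one of TRUSTED_NETS."""
    try:
        addr = ipaddress.ip_address(ip_text)
    except ValueError:
        return False
    return any(addr in net for net in TRUSTED_NETS)


def classify(line):
    """Return (ip, target, findings) for one log line, or None if it does not parse."""
    m = LOG_LINE.match(line)
    if not m:
        return None
    ip, target = m.group("ip"), m.group("target")
    findings = []
    if ADMIN_ROUTE.match(target) and not is_trusted(ip):
        findings.append("admin-console-from-untrusted-ip")
    if OFFSITE_IMAGE.search(target):
        findings.append("offsite-productNameSrc")
    return ip, target, findings


def scan(lines):
    """Return only the parsed lines that produced at least one finding."""
    hits = []
    for line in lines:
        result = classify(line)
        if result and result[2]:
            hits.append(result)
    return hits


# Constructed sample log lines (not real traffic); the paths are those quoted
# in the advisory, the addresses are documentation ranges.
SAMPLE_LOG = [
    '203.0.113.7 - - [12/May/2020:10:01:02 +0000] "GET /admingui/version/serverTasksGeneral?serverTasksGeneral.GeneralWebserverTabs.Tabhref=2 HTTP/1.1" 200 5120',
    '10.1.2.3 - admin [12/May/2020:10:01:05 +0000] "GET /admingui/version/Masthead.jsp?productNameSrc=http://www.example.com/test.jpg&productNameHeight=500&productNameWidth=500 HTTP/1.1" 200 840',
    '10.1.2.3 - admin [12/May/2020:10:02:00 +0000] "GET /admingui/version/ HTTP/1.1" 200 2048',
    '198.51.100.9 - - [12/May/2020:10:03:00 +0000] "GET /index.html HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for ip, target, findings in scan(SAMPLE_LOG):
        print(ip, target, ", ".join(findings))
```

Run against a real access log, the same TRUSTED_NETS list doubles as a check that the network-level restriction is actually in force: any hit tagged admin-console-from-untrusted-ip means a console route was reachable from an address the allow list should have blocked.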


0x03 Related News


https://securityaffairs.co/wordpress/103055/hacking/oracles-iplanet-web-server-flaws.html?utm_source=rss&utm_medium=rss&utm_campaign=oracles-iplanet-web-server-flaws


0x04 References


https://wwws.nightwatchcybersecurity.com/2020/05/10/two-vulnerabilities-in-oracles-iplanet-web-server-cve-2020-9315-and-cve-2020-9314/

https://www.oracle.com/us/assets/lifetime-support-middleware-069163.pdf


0x05 Timeline


2020-05-12 VSRC published this vulnerability advisory

