| Ãë¾àÁ¡ID |
21165 |
| À§Çèµµ |
30 |
| Æ÷Æ® |
80, ¡¦ |
| ÇÁ·ÎÅäÄÝ |
TCP |
| ºÐ·ù |
WWW |
| »ó¼¼¼³¸í |
Boa À¥¼¹ö³»¿¡ ÀÖ´Â ÀÓÀÇÀÇ ÆÄÀÏÀ» Àоî¿Ã ¼ö ÀÖ´Ù. ÀÌ´Â ´ÙÀ½°ú °°ÀÌ hex-encodeµÈ '../../..'¿Í ÇÔ²² ÆÄÀÏÀÇ Path¸íÀ» ÁÖ¸é ÆÄÀÏÀ» Àоî¿Ã ¼ö ÀÖ´Ù.
GET /%2e%2e/%2e%2e/%2e%2e/etc/passwd |
| ÇØ°áÃ¥ |
´ÙÀ½ Site¿¡ °¡¼ °¡Àå ÃֽŠ¹öÀüÀÇ Boa ¼¹ö ¹öÀüÀ» ´Ù¿î·Îµå¹Þ¾Æ ¼³Ä¡ÇÑ´Ù.
Http://www.boa.org |
| °ü·Ã URL |
CVE-2000-0920 (CVE) |
| °ü·Ã URL |
1770 (SecurityFocus) |
| °ü·Ã URL |
5330 (ISS) |
|
