Lighttpd mod_cgi Module Information Disclosure Vulnerability
Published: 2008-03-05
Updated: 2008-03-06
Affected systems:
LightTPD LightTPD < 1.4.18-r2 (Gentoo package revision; see the GLSA below)
Description:
BUGTRAQ ID: 28100
CVE(CAN) ID: CVE-2008-1111
Lighttpd is a lightweight open-source web server package.
Lighttpd mishandles an unexpected error condition; a remote attacker can exploit this to obtain the source code of scripts hosted on the server.
When mod_cgi can no longer fork a child process (for example because a process ulimit has been reached), the request is not answered with an error. Instead it falls through to ordinary file serving, so the complete source of the CGI script is sent to the client in place of the script's output, disclosing any credentials or other sensitive data embedded in it. Note that the trigger is a resource-exhaustion condition an unauthenticated client may be able to provoke on a busy server.
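The failure mode above is a fail-open handler chain: a module that cannot do its job hands the request on, and the last module in the chain serves the file bytes. The following is an added example, not lighttpd's own code or anything from the advisory: a toy model of a CGI handler and a static-file handler in which the CGI handler's reaction to a failed fork can be switched between "fall through" (the vulnerable behaviour) and "finish with HTTP 500" (the fail-closed behaviour). The document root, the `.pl`/`.cgi` suffix mapping, the handler names and the `can_fork` flag standing in for `fork()` are all assumptions of the model.

```python
from dataclasses import dataclass

# Handler return codes, modelled on lighttpd's HANDLER_GO_ON / HANDLER_FINISHED.
GO_ON = "go_on"          # let the next handler in the chain look at the request
FINISHED = "finished"    # the response is complete

# Constructed document root. The CGI script embeds a credential, as many do.
DOCROOT = {
    "/cgi-bin/login.pl": "#!/usr/bin/perl\nmy $db_pass = 'hunter2';\nprint \"Welcome\\n\";\n",
    "/index.html": "<html>hello</html>\n",
}
CGI_SUFFIXES = (".pl", ".cgi")   # assumed cgi.assign mapping


@dataclass
class Response:
    status: int = 0
    body: str = ""
    handler: str = ""


def mod_cgi(path: str, resp: Response, can_fork: bool, fail_open: bool) -> str:
    """CGI handler. `can_fork` stands in for fork() succeeding; `fail_open`
    selects the vulnerable reaction (fall through) or the fixed one (500)."""
    if not path.endswith(CGI_SUFFIXES) or path not in DOCROOT:
        return GO_ON                       # not a CGI script, not our request
    if not can_fork:
        if fail_open:
            # Vulnerable: the request is passed on as if mod_cgi were not
            # responsible for it, so a later handler may serve the raw file.
            return GO_ON
        # Fixed: fail closed, the request ends here with an error.
        resp.status, resp.body, resp.handler = 500, "", "mod_cgi"
        return FINISHED
    # Normal execution: only the script's output reaches the client.
    resp.status, resp.body, resp.handler = 200, "Welcome\n", "mod_cgi"
    return FINISHED


def mod_staticfile(path: str, resp: Response) -> str:
    """Static-file handler: serves whatever bytes exist at `path`."""
    if path in DOCROOT:
        resp.status, resp.body, resp.handler = 200, DOCROOT[path], "mod_staticfile"
    else:
        resp.status, resp.handler = 404, "mod_staticfile"
    return FINISHED


def run_request(path: str, can_fork: bool = True, fail_open: bool = True) -> Response:
    """Run the chain in the order lighttpd uses: CGI first, static file last."""
    resp = Response()
    if mod_cgi(path, resp, can_fork, fail_open) == FINISHED:
        return resp
    mod_staticfile(path, resp)
    return resp


def is_source_disclosure(resp: Response) -> bool:
    """Check a scanner could apply to a CGI URL: a 200 whose body is a script file."""
    return resp.status == 200 and resp.body.startswith("#!")


if __name__ == "__main__":
    for can_fork, fail_open in ((True, True), (False, True), (False, False)):
        r = run_request("/cgi-bin/login.pl", can_fork=can_fork, fail_open=fail_open)
        print(f"can_fork={can_fork} fail_open={fail_open}: {r.status} via {r.handler}"
              f" leak={is_source_disclosure(r)}")
```

The point of the model is that nothing in the static-file handler is wrong; it is the CGI handler's choice of return value on an error path that decides whether the server degrades to an error or to disclosure. Any handler that takes exclusive responsibility for a resource has to fail closed on every error path, including ones that are only reachable under load.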
<*Source: Christian Hoffmann
Links: http://secunia.com/advisories/29235/
https://bugs.gentoo.org/show_bug.cgi?format=multiple&id=211956
http://security.gentoo.org/glsa/glsa-200803-10.xml
http://www.debian.org/security/2008/dsa-1513
*>
Recommendation:
Vendor patches:
Debian
------
Debian has released security advisory DSA-1513-1 and the corresponding patches:
DSA-1513-1: New lighttpd packages fix CGI source disclosure
Link: http://www.debian.org/security/2008/dsa-1513
Patch downloads:
Source archives:
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch5.diff.gz
Size/MD5 checksum: 36835 fa55bbf4bf1b9a555cc4b7b368a059f6
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13.orig.tar.gz
Size/MD5 checksum: 793309 3a64323b8482b0e8a6246dbfdb4c39dc
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch5.dsc
Size/MD5 checksum: 1098 52f5881ec943188d8276c600902c84f5
Architecture independent packages:
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-doc_1.4.13-4etch5_all.deb
Size/MD5 checksum: 99430 b13f37c0c8b55e145e6f823d5dd82dee
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch5_alpha.deb
Size/MD5 checksum: 71646 3d0308407b0b089bb8d8a215503f20d8
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch5_alpha.deb
Size/MD5 checksum: 59412 cf3dc4218076b66d5fb04e40cb6e6a03
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch5_alpha.deb
Size/MD5 checksum: 64832 c58a1cfc4a506351ef2425f4e4018113
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch5_alpha.deb
Size/MD5 checksum: 61170 0a2a5196ed776076f29fb8a85976387e
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch5_alpha.deb
Size/MD5 checksum: 64402 58268f6c0dc00b8e0fe16f5cf93a6d86
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch5_alpha.deb
Size/MD5 checksum: 318776 55890a8afec6ff4fba50ff2e8ac4df6c
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch5_amd64.deb
Size/MD5 checksum: 69738 92677861a76629b9a3361c2c338d5bb0
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch5_amd64.deb
Size/MD5 checksum: 63434 98b26e827bb4c8a023239a90bfdb45a2
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch5_amd64.deb
Size/MD5 checksum: 60586 a3c573b8d1f921fb93fd28e33ee86d4f
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch5_amd64.deb
Size/MD5 checksum: 58994 de8951a3316888b5874f3b3ee0abe755
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch5_amd64.deb
Size/MD5 checksum: 63726 0ca9bf4df2ca8260495146011e6d3a53
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch5_amd64.deb
Size/MD5 checksum: 297048 a12c33257671acdd291f41b7b7f8c64d
arm architecture (ARM)
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch5_arm.deb
Size/MD5 checksum: 286092 3821f3f07c614ccf1a98cdec79301a18
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch5_arm.deb
Size/MD5 checksum: 58528 1e3e7f75c172bb082c7b083110194c9f
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch5_arm.deb
Size/MD5 checksum: 60664 489518ec1610f510562a1d0a2dfcb940
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch5_arm.deb
Size/MD5 checksum: 69414 41096405646828e7a63a6e4b208d5497
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch5_arm.deb
Size/MD5 checksum: 62916 e74d042125f02400c48f2763d34e6d9a
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch5_arm.deb
Size/MD5 checksum: 62718 3d19c37366365f0e7f3ee06da00df623
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch5_hppa.deb
Size/MD5 checksum: 324114 f8cc861ec3e948179387ee31f6f9f3b4
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch5_hppa.deb
Size/MD5 checksum: 61616 fe5f56af17823da3ef58b9a0b8e6d298
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch5_hppa.deb
Size/MD5 checksum: 72826 517acc9044c0d82adea99c3d1ca1f0cc
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch5_hppa.deb
Size/MD5 checksum: 64824 81bd6d5482ce8a3c5179edeecfd08346
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch5_hppa.deb
Size/MD5 checksum: 59764 5d3f99e779ef096348b6749e4c809ba4
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch5_hppa.deb
Size/MD5 checksum: 65288 bdd83e24259d7f2922c3a95b8293b36c
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch5_i386.deb
Size/MD5 checksum: 58916 caed74881673974288bbc290b3ba3479
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch5_i386.deb
Size/MD5 checksum: 63722 5363ca45b9753e937fa011b163e2f376
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch5_i386.deb
Size/MD5 checksum: 63530 dda93744e3b76dd8f9e4a3dba20ca07a
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch5_i386.deb
Size/MD5 checksum: 60684 fb1d5f0bcbabae22f148425b4c42fae5
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch5_i386.deb
Size/MD5 checksum: 70772 73b0ecdcafb617bf8e2e442f1886d9b0
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch5_i386.deb
Size/MD5 checksum: 288902 30283b07cea3f0a26dc1a38b839f2807
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch5_ia64.deb
Size/MD5 checksum: 403296 6c366b8fed9ff23f19aaf50a66931a69
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch5_ia64.deb
Size/MD5 checksum: 62884 0ccb5f79ae50fbc9967b7af053ff0e76
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch5_ia64.deb
Size/MD5 checksum: 61006 84f8efd4a34a05253e02aae4ad9e666a
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch5_ia64.deb
Size/MD5 checksum: 67184 3bd3cb49438d49c70436d106f97de40d
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch5_ia64.deb
Size/MD5 checksum: 76888 b5d4d899efb03134815b04b570bb8174
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch5_ia64.deb
Size/MD5 checksum: 67326 c3301e3405ea81adbcbfdb25e9175df6
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch5_mips.deb
Size/MD5 checksum: 295944 7f5edffb4a6fa10cf0d57353d04939bc
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch5_mips.deb
Size/MD5 checksum: 58380 8f124d373348b24428af69b411966c31
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch5_mips.deb
Size/MD5 checksum: 59762 63dbb566d233a7ca46f646e6f31db643
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch5_mips.deb
Size/MD5 checksum: 69048 a3002e94627fbe13a92f3750767ff833
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch5_mips.deb
Size/MD5 checksum: 62456 4b933ff37574e18d94b518d2dd1ddce1
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch5_mips.deb
Size/MD5 checksum: 62340 c62744ec6d7a84e13cda39089fc2cc40
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch5_mipsel.deb
Size/MD5 checksum: 69848 b01bc2ff253e183ccf000765acb86f81
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch5_mipsel.deb
Size/MD5 checksum: 60592 5aa70a480157629fc6caa35309371236
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch5_mipsel.deb
Size/MD5 checksum: 63194 a7d0666adf203cfc8a3089b7b27e7d27
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch5_mipsel.deb
Size/MD5 checksum: 59104 1d57b007782bbb3116113b418aa4d7c7
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch5_mipsel.deb
Size/MD5 checksum: 297028 96a183bd09c3ecee7899fa322a3d249f
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch5_mipsel.deb
Size/MD5 checksum: 63370 b1f2124c09cfce63f77814bdfaf89ec6
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch5_powerpc.deb
Size/MD5 checksum: 65218 22aa056a61b992c613453c4e42a18931
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch5_powerpc.deb
Size/MD5 checksum: 64942 0a52051cdf863e7f4d07a784e9b999a6
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch5_powerpc.deb
Size/MD5 checksum: 71590 497c515d7d21d17b47938bb3ca62c98a
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch5_powerpc.deb
Size/MD5 checksum: 323626 5d902bf2d0dad086610eed1a3ef399ff
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch5_powerpc.deb
Size/MD5 checksum: 62298 5a6077d928a46f5412041586a79979a9
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch5_powerpc.deb
Size/MD5 checksum: 60480 e6b803329d925e756ebae8f3b8a25f61
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch5_s390.deb
Size/MD5 checksum: 64456 652df202c4877e31a189fdab5d73c429
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch5_s390.deb
Size/MD5 checksum: 71184 6a27ce3f4965c2f45063fc6a12fc95a1
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch5_s390.deb
Size/MD5 checksum: 64062 a1916058ca6929ba5ede58cd6df1c9fd
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch5_s390.deb
Size/MD5 checksum: 59412 34187112fc60034864b8d7e4ad058010
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch5_s390.deb
Size/MD5 checksum: 60908 f457bf75d0034e57a2b037e091f1e8bc
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch5_s390.deb
Size/MD5 checksum: 307020 9eaba4e65073194a68936c9957051597
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch5_sparc.deb
Size/MD5 checksum: 63234 c488f5fd992c2e1bc594614259a81c6d
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch5_sparc.deb
Size/MD5 checksum: 60348 643d00ff129a367c2f3f944ec3e9085d
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch5_sparc.deb
Size/MD5 checksum: 58700 32e6ed5c3bec41941466a4929d1e25ab
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch5_sparc.deb
Size/MD5 checksum: 283968 973579db2fff4ba527bbcfb8a78b4fb5
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch5_sparc.deb
Size/MD5 checksum: 69712 a5b419803f4c7fb418291327c45ce442
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch5_sparc.deb
Size/MD5 checksum: 63262 1748dc5be4967ff3fab5b94863e2be74
Patch installation:
1. Install the patch package manually:
First, download the patch with:
# wget url (url is the patch download link above)
Then install it with:
# dpkg -i file.deb (file is the corresponding package name)
Before running dpkg -i, compare the downloaded file's size and MD5 against the values listed above; a manually fetched .deb is not checked by apt's signed package index.
2. Install the patch package with apt-get:
First, refresh the package database:
# apt-get update
Then install the updated packages:
# apt-get upgrade
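The manual route above gives the operator a list of URLs and "Size/MD5 checksum" lines but no check that the fetched file matches them. The following is an added example, not part of the advisory or of Debian's tooling: a small parser for the advisory's URL/checksum format plus a verifier that requires both size and MD5 to match before a package is considered safe to hand to `dpkg -i`. The sample advisory text is two entries copied from the list above; the downloaded files it is checked against are constructed temporary files, and `make_sample_file` exists only to build them.

```python
import hashlib
import os
import re
import tempfile

# One advisory entry: a download URL followed by its "Size/MD5 checksum" line.
ENTRY = re.compile(
    r"(?P<url>https?://\S+)\s*\n\s*Size/MD5 checksum:\s*(?P<size>\d+)\s+(?P<md5>[0-9a-fA-F]{32})"
)

# Constructed sample: two entries copied from the DSA-1513-1 list above.
SAMPLE_ADVISORY = """\
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch5_i386.deb
Size/MD5 checksum: 288902 30283b07cea3f0a26dc1a38b839f2807
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch5_i386.deb
Size/MD5 checksum: 63722 5363ca45b9753e937fa011b163e2f376
"""


def parse_advisory(text: str) -> dict:
    """Map each package URL in DSA-style text to its (size, md5) pair."""
    return {m["url"]: (int(m["size"]), m["md5"].lower()) for m in ENTRY.finditer(text)}


def file_md5(path: str) -> str:
    """Hex MD5 of a file, read in chunks so large packages do not load into memory."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_package(path: str, expected_size: int, expected_md5: str) -> bool:
    """True only if size and MD5 both match; a truncated download fails on size alone."""
    if os.path.getsize(path) != expected_size:
        return False
    return file_md5(path) == expected_md5.lower()


def check_downloads(entries: dict, directory: str) -> dict:
    """For every advisory entry, report True/False for a file found in
    `directory` under the URL's basename, or None if it was not downloaded."""
    results = {}
    for url, (size, md5) in entries.items():
        name = url.rsplit("/", 1)[-1]
        local = os.path.join(directory, name)
        results[name] = verify_package(local, size, md5) if os.path.exists(local) else None
    return results


def make_sample_file(data: bytes, name: str) -> str:
    """Write constructed bytes into a fresh temp directory as `name`; returns the path.
    Stands in for a file fetched with wget; only used to exercise the checks offline."""
    directory = tempfile.mkdtemp()
    path = os.path.join(directory, name)
    with open(path, "wb") as f:
        f.write(data)
    return path


if __name__ == "__main__":
    # Typical use after `wget` of the listed URLs into the current directory:
    #   results = check_downloads(parse_advisory(open("dsa-1513.txt").read()), ".")
    # and only `dpkg -i` the names whose result is True.
    sample = make_sample_file(b"abc", "lighttpd_1.4.13-4etch5_i386.deb")
    entries = parse_advisory(SAMPLE_ADVISORY)
    print(check_downloads(entries, os.path.dirname(sample)))
```

A matching MD5 only shows that the file is the one the advisory describes; the advisory text itself arrives over plain HTTP here, so an attacker who can rewrite the page can rewrite the checksums too. The apt-get route is stronger because the package index is signed by Debian's archive key, which is why option 2 should be preferred wherever the host can reach a mirror.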
Gentoo
------
Gentoo has released security advisory GLSA-200803-10 and the corresponding patches:
GLSA-200803-10: lighttpd: Multiple vulnerabilities
Link: http://security.gentoo.org/glsa/glsa-200803-10.xml
All lighttpd users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-servers/lighttpd-1.4.18-r2"
LightTPD
--------
The vendor has committed a fix for this issue; the change is available from the vendor's repository:
http://trac.lighttpd.net/trac/changeset/2107
