安全研究

安全漏洞
Lighttpd mod_userdir区分大小写比较信息泄露漏洞

发布日期:2008-10-06
更新日期:2008-10-07

受影响系统:
LightTPD LightTPD 1.4.x
不受影响系统:
LightTPD LightTPD 1.4.20
描述:
BUGTRAQ  ID: 31600
CVE(CAN) ID: CVE-2008-4360

Lighttpd是一款轻型的开放源码Web Server软件包。

当使用不区分大小写的操作系统或文件系统时,Lighttpd的mod_userdir模块对配置选项中的文件名组件执行了区分大小写的比较,这可能允许远程攻击者绕过预期的访问限制。例如,如果将php配置为处理以.php结尾的文件时,攻击者就可以通过http://example.com/~user/file.PHP 请求获得PHP源码。

<*来源:anders1
  
  链接:http://secunia.com/advisories/32069/
        http://www.lighttpd.net/security/lighttpd_sa_2008_06.txt
        http://www.debian.org/security/2008/dsa-1645
        http://security.gentoo.org/glsa/glsa-200812-04.xml
*>

建议:
厂商补丁:

Debian
------
Debian已经为此发布了一个安全公告(DSA-1645-1)以及相应补丁:
DSA-1645-1:New lighttpd packages fix various problems
链接:http://www.debian.org/security/2008/dsa-1645

补丁下载:

Source archives:

http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch11.dsc
Size/MD5 checksum:     1108 d747ed7b2063ad6696064bf821c50a00
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch11.diff.gz
Size/MD5 checksum:    38244 c6de19903fcf9972a3db86af50c3dfb6

Architecture independent packages:

http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-doc_1.4.13-4etch11_all.deb
Size/MD5 checksum:   100436 4b00f0a8ec894c84f01e0924121ddc16

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch11_amd64.deb
Size/MD5 checksum:   298530 b1ebecc6e7bf459f367d7cd697cfc826
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch11_amd64.deb
Size/MD5 checksum:    70718 17ccecf27a1fd3889cafbcf99b438959
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch11_amd64.deb
Size/MD5 checksum:    64420 7eeeab5dac95d1318f7c0ccafdc88db3
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch11_amd64.deb
Size/MD5 checksum:    59536 8c6c8f79f475e1168e7c6034fab19e7e
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch11_amd64.deb
Size/MD5 checksum:    61266 51b5201427b3ef3b14f1fd8346a2be69
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch11_amd64.deb
Size/MD5 checksum:    64070 d2558ad437f37b51370649f61bd594fa

arm architecture (ARM)

http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch11_arm.deb
Size/MD5 checksum:    70076 9e71864930a9b029faa7d06cb83ad368
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch11_arm.deb
Size/MD5 checksum:    61170 bf9adc9694e8079789f74c1ef7f159d7
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch11_arm.deb
Size/MD5 checksum:    63226 613c8ac801f2897c61e9ff0e2da39e64
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch11_arm.deb
Size/MD5 checksum:    59046 939e326f979ffd4ec524a37398a9a668
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch11_arm.deb
Size/MD5 checksum:   287252 373373dbe20c5073e93e8ecb2a7c293e
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch11_arm.deb
Size/MD5 checksum:    63434 b653d9e0dfefb364724ea7495cd98c39

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch11_hppa.deb
Size/MD5 checksum:   324728 73b5dd3a1eeeeffd0f0b0190ff0cdf95
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch11_hppa.deb
Size/MD5 checksum:    65224 046f3680fb5ded22085042cf0643311e
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch11_hppa.deb
Size/MD5 checksum:    65712 918e553fb47bc57c8047ec1858399bcc
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch11_hppa.deb
Size/MD5 checksum:    60226 8fc494d0eba0ec181acd276967f3bf6a
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch11_hppa.deb
Size/MD5 checksum:    72628 b7b7512883bec97a11b68da12f0b0447
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch11_hppa.deb
Size/MD5 checksum:    62188 bcab41cca185b771d91bac5b2b9d0d47

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch11_i386.deb
Size/MD5 checksum:    61070 f6ea45c9b9ed3bd7f0d981e19d71fdf1
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch11_i386.deb
Size/MD5 checksum:    63808 3bb9c5035f9a1e06ba9cb7af51e99a65
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch11_i386.deb
Size/MD5 checksum:    71108 6ae8d10751c07ae66bff8bed2e17f715
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch11_i386.deb
Size/MD5 checksum:   289948 72af5544b50eb7b28f0824d49cc46bd9
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch11_i386.deb
Size/MD5 checksum:    64002 5ac520a0beb4b0049813d172da8e3c8c
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch11_i386.deb
Size/MD5 checksum:    59390 f66da44a91b9dc4c733dfcfc493647f1

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch11_ia64.deb
Size/MD5 checksum:    67894 5097db8cd6a61d6d6129b6e9b5c436e1
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch11_ia64.deb
Size/MD5 checksum:    67744 20093c425950cc552b02dc1849003c12
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch11_ia64.deb
Size/MD5 checksum:   403884 59b49d630c89b528fe46ea909dfc945c
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch11_ia64.deb
Size/MD5 checksum:    61546 85f2515fd4b1d9789c4a29607cdf3f68
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch11_ia64.deb
Size/MD5 checksum:    77444 7a4bf21dc0c64f18fde8ba5e437a19f7
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch11_ia64.deb
Size/MD5 checksum:    63420 1b0da59a7d8d819f0fcedea756337824

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch11_mips.deb
Size/MD5 checksum:    63074 1b8f8b706976a7050ce692a44c3235c2
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch11_mips.deb
Size/MD5 checksum:    69648 5431ee8bb1b51afb606698a483375e07
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch11_mips.deb
Size/MD5 checksum:   296954 7f0e552d9f0e8a8db5f85667b3b2442a
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch11_mips.deb
Size/MD5 checksum:    58994 9774b5ec6521ac3585faa319ce987965
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch11_mips.deb
Size/MD5 checksum:    62948 91c0a914100ce9247f145828dace542c
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch11_mips.deb
Size/MD5 checksum:    60368 ac07e4609a5447335749290dd65b67d7

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch11_powerpc.deb
Size/MD5 checksum:    72168 331b11ad7120113ad3868ee6caea7379
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch11_powerpc.deb
Size/MD5 checksum:    62838 f0cd5f92e92ce7cf29c1492906ad2369
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch11_powerpc.deb
Size/MD5 checksum:    65786 fdeb6f0bba353cf7bfe5e32628984e41
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch11_powerpc.deb
Size/MD5 checksum:    65510 68d7c6a4deb32000d34767ef58b64618
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch11_powerpc.deb
Size/MD5 checksum:   324380 6cb824c5f80fe7f5268321528bfeb0a0
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch11_powerpc.deb
Size/MD5 checksum:    61026 ea46e63147d354f3e3c3bbf924de34b8

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch11_s390.deb
Size/MD5 checksum:    64998 332bc6cc8b74acc9785083f8c04486eb
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch11_s390.deb
Size/MD5 checksum:    71752 eb3be87d9bf983f15b01369d4cfe7ece
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch11_s390.deb
Size/MD5 checksum:    59956 8e7b812b20a7c81a324dcc001c385722
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch11_s390.deb
Size/MD5 checksum:   307788 11159eae7ab16e5e1e7a7be479beba42
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch11_s390.deb
Size/MD5 checksum:    61444 3d8689c48093b15ce1aa41a8e64c0415
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch11_s390.deb
Size/MD5 checksum:    64606 6df415487e8b951fc8394328640760dd

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch11_sparc.deb
Size/MD5 checksum:    59346 673f046f66e2580edd7b78492ff90b82
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch11_sparc.deb
Size/MD5 checksum:    61050 7d2fdcc70e4ddd86d2f3a7a66ed6c1f5
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch11_sparc.deb
Size/MD5 checksum:    64032 8a1e6bc3aa8bfb27588706d606966898
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch11_sparc.deb
Size/MD5 checksum:    63992 a11081ea69387ca39029aa5fcc6dfe34
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch11_sparc.deb
Size/MD5 checksum:    70442 936290009a438ea0827cc281ae320496
http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch11_sparc.deb
Size/MD5 checksum:   283902 464cd3874bbbd4727d179f8bdf4710fa

补丁安装方法:

1. 手工安装补丁包:

  首先,使用下面的命令来下载补丁软件:
  # wget url  (url是补丁下载链接地址)

  然后,使用下面的命令来安装补丁:  
  # dpkg -i file.deb (file是相应的补丁名)

2. 使用apt-get自动安装补丁包:

   首先,使用下面的命令更新内部数据库:
   # apt-get update
  
   然后,使用下面的命令安装更新软件包:
   # apt-get upgrade

Gentoo
------
Gentoo已经为此发布了一个安全公告(GLSA-200812-04)以及相应补丁:
GLSA-200812-04:lighttpd: Multiple vulnerabilities
链接:http://security.gentoo.org/glsa/glsa-200812-04.xml

所有lighttpd用户都应升级到最新版本:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-servers/lighttpd-1.4.20"

LightTPD
--------
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://trac.lighttpd.net/trac/ticket/1589

浏览次数:3952
严重程度:0(网友投票)
本安全漏洞由绿盟科技翻译整理,版权所有,未经许可,不得转载
绿盟科技给您安全的保障
关于我们
公司介绍
公司荣誉
公司新闻
联系我们
公司总部
分支机构
海外机构
快速链接
绿盟云
绿盟威胁情报中心NTI
技术博客