漏洞信息详情
IBM Net.Commerce远程执行任意命令漏洞
- CNNVD编号:CNNVD-200105-058
- 危害等级: 中危
- CVE编号: CVE-2001-0319
- 漏洞类型: SQL注入
- 发布时间: 2001-02-05
- 威胁类型: 远程
- 更新时间: 2005-05-02
- 厂 商: ibm
- 漏洞来源: rudi carell※ rudic...
漏洞简介
Net.Commerce是IBM发行的Websphere的一部分。它提供了一些通用特性使电子商务变得更加容易,其性能和可靠性也有独到之处。 它默认支持的宏特性未对用户输入进行适当的检查,远程攻击者可以利用SQL Injection技术以帐号DB2INST1的权限执行任意SHELL命令。 IBM已经修正了随Net.Commerce 3.2、WebSphere Commerce Suite 4.1发布的有安全漏洞的宏,但是用户自定义宏可能存在同样的安全漏洞。WebSphere Commerce Suite 5.1不受此问题影响,它不使用Net.Data宏。
漏洞公告
临时解决方法: 如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁:
* 按照如下步骤删除示例宏:
1. 在WEB根目录中找到每个实例对应的db2www.ini 。
2. 检查这些ini文件中的MACRO_PATH,确认只包含用到了的宏,删除示例宏。
3. 删除那些未被用到的目录。
下列目录包含了一些应该被删除的示例代码,如果您需要使用其中一些示例宏,务必仔细修改源码,对用户输入进行适当的检查。
Websphere Commerce Suite and Market Place Edition Version 4.1/4.1.1:
SUN Solaris
/opt/WebSphere/CommerceSuite/macro/en_US/base
/opt/WebSphere/CommerceSuite/macro/en_US/bus2bus
/opt/WebSphere/CommerceSuite/macro/en_US/category
/opt/WebSphere/CommerceSuite/macro/en_US/demomall
/opt/WebSphere/CommerceSuite/macro/en_US/euromall
/opt/WebSphere/CommerceSuite/macro/en_US/grocery
/opt/WebSphere/CommerceSuite/macro/en_US/product
/opt/WebSphere/CommerceSuite/macro/en_US/tutorial
/opt/WebSphere/CommerceSuite/models
IBM AIX
/usr/lpp/CommerceSuite/macro/en_US/base
/usr/lpp/CommerceSuite/macro/en_US/bus2bus
/usr/lpp/CommerceSuite/macro/en_US/category
/usr/lpp/CommerceSuite/macro/en_US/demomall
/usr/lpp/CommerceSuite/macro/en_US/euromall
/usr/lpp/CommerceSuite/macro/en_US/grocery
/usr/lpp/CommerceSuite/macro/en_US/product
/usr/lpp/CommerceSuite/macro/en_US/tutorial /usr/lpp/CommerceSuite/models
Windows NT
IBM\CommerceSuite\macro\en_US\base IBM\CommerceSuite\macro\en_US\bus2bus
IBM\CommerceSuite\macro\en_US\category
IBM\CommerceSuite\macro\en_US\demomall
IBM\CommerceSuite\macro\en_US\euromall
IBM\CommerceSuite\macro\en_US\grocery IBM\CommerceSuite\macro\en_US\product
IBM\CommerceSuite\macro\en_US\ncsample
IBM\CommerceSuite\macro\en_US\tutorial
IBM\CommerceSuite\models IBM\CommerceSuite\instance\
Net.Commerce/Service Provider Edition Version 3.2
SUN Solaris
/opt/IBMnetc/NetCommerce3/macro/en_US/bus2bus
/opt/IBMnetc/NetCommerce3/macro/en_US/category
/opt/IBMnetc/NetCommerce3/macro/en_US/demomall
/opt/IBMnetc/NetCommerce3/macro/en_US/euromall
/opt/IBMnetc/NetCommerce3/macro/en_US/grocery
/opt/IBMnetc/NetCommerce3/macro/en_US/ncsample
/opt/IBMnetc/NetCommerce3/macro/en_US/product
/opt/IBMnetc/NetCommerce3/macro/en_US/tutorial
IBM AIX
/usr/lpp/NetCommerce3/macro/en_US/bus2bus
/usr/lpp/NetCommerce3/macro/en_US/category
/usr/lpp/NetCommerce3/macro/en_US/demomall
/usr/lpp/NetCommerce3/macro/en_US/euromall
/usr/lpp/NetCommerce3/macro/en_US/grocery
/usr/lpp/NetCommerce3/macro/en_US/ncsample
/usr/lpp/NetCommerce3/macro/en_US/product
/usr/lpp/NetCommerce3/macro/en_US/tutorial
Windows NT
IBM\NetCommerce3\macro\en_US\bus2bus IBM\NetCommerce3\macro\en_US\category
IBM\NetCommerce3\macro\en_US\demomall IBM\NetCommerce3\macro\en_US\euromall
IBM\NetCommerce3\macro\en_US\grocery IBM\NetCommerce3\macro\en_US\ncsample
IBM\NetCommerce3\macro\en_US\product IBM\NetCommerce3\macro\en_US\tutorial
厂商补丁:
IBM
---
IBM已经为此发布了一个安全公告(MSS-OAR-E01-2001:087)以及相应补丁:
MSS-OAR-E01-2001:087:Re: Passwords in Net.Commerce/WebSphere decryptable, any version
IBM已经修正了该漏洞,参看
http://www-4.ibm.com/software/webservers/commerce/netcomletter.HTML
升级到不受此问题影响的版本,至少应该升级到Net.Commerce 3.2,它修补了管理宏,删除了一些示例宏。
参考网址
来源: BID 名称: 2350 链接:http://www.securityfocus.com/bid/2350 来源: www-4.ibm.com 链接:http://www-4.ibm.com/software/webservers/commerce/netcomletter.HTML 来源: BUGTRAQ 名称: 20010205 IBM NetCommerce Security 链接:http://archives.neohapsis.com/archives/bugtraq/2001-02/0072.HTML 来源: XF 名称: ibm-netcommerce-reveal-information(6067) 链接:http://xforce.iss.net/xforce/xfdb/6067
受影响实体
- Ibm Net.Commerce:2.0
- Ibm Net.Commerce:3.0
- Ibm Net.Commerce:3.1:Pro
- Ibm Net.Commerce:3.1:Start
- Ibm Net.Commerce:3.1.1:Pro
补丁
暂无
评论