·¢²¼ÈÕÆÚ£º2008-07-16
¸üÐÂÈÕÆÚ£º2008-07-18

ÊÜÓ°Ïìϵͳ£º

Hirsch Electronics Velocity Security Management System 1.0

ÃèÊö£º

---

BUGTRAQ  ID: 30261

Hirsch¹«Ë¾µÄVelocity°²È«¹ÜÀíϵͳÊÇÓÃÓÚ·ÃÎÊ¿ØÖƺͰ²È«²Ù×÷µÄ¹ÜÀíÈí¼þ¡£

Velocity°²È«¹ÜÀíϵͳ´¦Àí»ûÐÎÓû§ÇëÇóʱ´æÔÚ©¶´£¬Ô¶³Ì¹¥»÷Õß¿ÉÒÔÏòVelocity°²È«¹ÜÀíϵͳÄÚǶµÄWEB·þÎñÆ÷Ìá½»¶ñÒâURLÇëÇóÖ´ÐÐĿ¼±éÀú¹¥»÷£¬µ¼ÖÂÏÂÔØ·þÎñÆ÷ÉϵÄÃô¸ÐÊý¾Ý¡£

<*À´Ô´£ºAlexandr Polyakov
  
  Á´½Ó£ºhttp://marc.info/?l=bugtraq&m=121623854331109&w=2
*>

²âÊÔ·½·¨£º

---

¾¯ ¸æ

ÒÔϳÌÐò(·½·¨)¿ÉÄÜ´øÓй¥»÷ÐÔ£¬½ö¹©°²È«Ñо¿Óë½Ìѧ֮Óá£Ê¹ÓÃÕß·çÏÕ×Ô¸º£¡

http://[server]:[port]/../../../../../../../../../../../../../etc/passwd

½¨Ò飺

---

³§É̲¹¶¡£º

Hirsch Electronics
------------------
Ä¿Ç°³§ÉÌ»¹Ã»ÓÐÌṩ²¹¶¡»òÕßÉý¼¶³ÌÐò£¬ÎÒÃǽ¨ÒéʹÓôËÈí¼þµÄÓû§Ëæʱ¹Ø×¢³§É̵ÄÖ÷Ò³ÒÔ»ñÈ¡×îа汾£º

http://hirschelectronics.com/Products_One_Velocity.asp