Sambar Server Perl script source disclosure

sambar-script-source-disclosure (8876) The risk level is classified as LowLow Risk

Description:

Sambar Server could allow a remote attacker to obtain the source code of a Perl script. A remote attacker can send a specially-crafted HTTP request containing a space and null character (%00) for a known script to bypass URL parsing on the server and display the source code of the Perl script.


Consequences:

Obtain Information

Remedy:

Upgrade to the latest version of Sambar Server (5.2b or later), as listed in KPMG Security Advisory KPMG-2002012. See References.

References:

  • BugTraq Mailing List, Thu Apr 18 2002 - 01:54:52 CDT: KPMG-2002012: (Re-submitted) Sambar Webserver Serverside Fileparse Bypass.
  • Sambar Technologies Web site: WWW Server Security Alert. (Vendor states that "All releases prior to the 5.2 beta 1 release are vulnerable to having the source code associated with CGI scripts and JSP files exposed via an URL sequence.")
  • BID-4533: Sambar Server Script Source Disclosure Vulnerability
  • CVE-2002-0737: Sambar web server before 5.2 beta 1 allows remote attackers to obtain source code of server-side scripts, or cause a denial of service (resource exhaustion) via DOS devices, using a URL that ends with a space and a null character.
  • OSVDB ID: 5122: Sambar Server Null Terminated URL Arbitrary Source Disclosure
  • OSVDB ID: 5123: Sambar DOS Device Name DoS
  • US-CERT VU#117139: Sambar Web Server vulnerable to sourcecode disclosure due to improper parsing of scripts

Platforms Affected:

  • Sambar Sambar Server 5.1

Reported:

Apr 18, 2002

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this

Return to the main page