¡¾Îó²îͨ¸æ¡¿Apache HTTP Server Windows UNC SSRFÎó²î£¨CVE-2024-38472£©

Ðû²¼Ê±¼ä 2024-07-02

Ò»¡¢Îó²î¸ÅÊö

Îó²îÃû³Æ

    Apache   HTTP Server Windows UNC SSRFÎó²î

CVE   ID

CVE-2024-38472

Îó²îÀàÐÍ

SSRF

·¢Ã÷ʱ¼ä

2024-07-02

Îó²îÆÀ·Ö

ÔÝÎÞ

Îó²îÆ·¼¶

¸ßΣ

¹¥»÷ÏòÁ¿

ÍøÂç

ËùÐèȨÏÞ

ÎÞ

ʹÓÃÄѶÈ

µÍ

Óû§½»»¥

ÎÞ

PoC/EXP

δ¹ûÕæ

ÔÚҰʹÓÃ

δ·¢Ã÷

 

Apache HTTP ServerÊÇApacheÈí¼þ»ù½ð»áµÄÒ»¸ö¿ª·ÅÔ´´úÂëµÄÍøÒ³·þÎñÆ÷ £¬ÓÉÓÚÆä¾ßÓпçƽ̨ÐÔºÍÇå¾²ÐÔ £¬±»ÆÕ±éʹÓà £¬ËüÊÇ×îÊ¢ÐеÄWeb·þÎñÆ÷¶ËÈí¼þÖ®Ò»¡£

2024Äê7ÔÂ2ÈÕ £¬×ðÁú¿­¹ÙÍøÈë¿Ú¼¯ÍÅVSRC¼à²âµ½Apache HTTP ServerÐû²¼°æ±¾¸üР£¬ÐÞ¸´ÁËÈç϶à¸ö¸ßΣÎó²î£º

CVE-2024-38472 £ºApache HTTP Server Windows UNC SSRFÎó²î

Windows ÉϵÄApache HTTP Server 2.4.59¼°Ö®Ç°°æ±¾Öб£´æ·þÎñÆ÷¶ËÇëÇóαÔìÎó²î £¬¿ÉÄܵ¼ÖÂÍþвÕßͨ¹ý¶ñÒâ½á¹¹µÄÇëÇó»òÄÚÈÝʹ·þÎñÆ÷Ïò¶ñÒâ·þÎñÆ÷·¢ËÍÇëÇó £¬´Ó¶ø¿ÉÄÜй¶NTLM¹þÏ£ £¬²¢¿ÉÄܵ¼Ö½øÒ»²½¹¥»÷ £¬ÈçÃÜÂëÆƽâ»òÉí·Ýð³ä¡£

CVE-2024-38474 £ºApache HTTP Server mod_rewrite±àÂëÎÊÌâ

Apache HTTP Server 2.4.59¼°Ö®Ç°°æ±¾ÖÐmod_rewriteÄ£¿éÖб£´æÌæ»»±àÂëÎÊÌâ £¬¿ÉÄܵ¼ÖÂÍþвÕßÔÚÉèÖÃËùÔÊÐíµ«ÈκÎURL¶¼ÎÞ·¨Ö±½Ó»á¼ûµÄĿ¼ÖÐÖ´Ðо籾 £¬»òÕßй¶ԭ±¾½ö×÷ΪCGIÖ´Ðеľ籾µÄÔ´´úÂë¡£

CVE-2024-38475£ºApache HTTP Server mod_rewriteÊä³öתÒå²»µ±Îó²î

Apache HTTP Server 2.4.59 ¼°Ö®Ç°°æ±¾ÖÐµÄ mod_rewriteÄ£¿é±£´æÊä³öתÒå²»µ± £¬¿ÉÄܵ¼ÖÂÍþвÕß½« URL Ó³Éäµ½·þÎñÆ÷ÔÊÐíÌṩ·þÎñµ«ÎÞ·¨Í¨¹ýÈκΠURLÖ±½Ó»á¼ûµÄÎļþϵͳλÖà £¬´Ó¶øµ¼Ö´úÂëÖ´ÐлòÔ´´úÂëй¶¡£

CVE-2024-38477£ºApache HTTP Server mod_proxy¾Ü¾ø·þÎñÎó²î

Apache HTTP Server 2.4.59 ¼°Ö®Ç°°æ±¾ÖеÄmod_proxy Öб£´æ¿ÕÖ¸Õë×÷·ÏÒýÓà £¬¿ÉÄܵ¼ÖÂÍþвÕßͨ¹ý¶ñÒâÇëÇóʹ·þÎñÆ÷Í߽⠣¬´Ó¶øÔì³É¾Ü¾ø·þÎñ¡£

 

 

¶þ¡¢Ó°Ïì¹æÄ£

Apache HTTP Server <= 2.4.59

 


Èý¡¢Çå¾²²½·¥

3.1 Éý¼¶°æ±¾

ÏÖÔÚ¸ÃÎó²îÒѾ­ÐÞ¸´ £¬ÊÜÓ°ÏìÓû§¿ÉÉý¼¶µ½Apache HTTP Server 2.4.60¡£

ÏÂÔØÁ´½Ó£º

https://httpd.apache.org/download.cgi

3.2 ÔÝʱ²½·¥

ÔÝÎÞ¡£

3.3 ͨÓý¨Òé

l  °´ÆÚ¸üÐÂϵͳ²¹¶¡ £¬ïÔ̭ϵͳÎó²î £¬ÌáÉý·þÎñÆ÷µÄÇå¾²ÐÔ¡£

l  ÔöǿϵͳºÍÍøÂçµÄ»á¼û¿ØÖÆ £¬Ð޸ķÀ»ðǽսÂÔ £¬¹Ø±Õ·ÇÐëÒªµÄÓ¦Óö˿ڻò·þÎñ £¬ïÔÌ­½«Î£ÏÕ·þÎñ£¨ÈçSSH¡¢RDPµÈ£©Ì»Â¶µ½¹«Íø £¬ïÔÌ­¹¥»÷Ãæ¡£

l  ʹÓÃÆóÒµ¼¶Çå¾²²úÆ· £¬ÌáÉýÆóÒµµÄÍøÂçÇå¾²ÐÔÄÜ¡£

l  ÔöǿϵͳÓû§ºÍȨÏÞ¹ÜÀí £¬ÆôÓöàÒòËØÈÏÖ¤»úÖƺÍ×îСȨÏÞÔ­Ôò £¬Óû§ºÍÈí¼þȨÏÞÓ¦¼á³ÖÔÚ×îµÍÏ޶ȡ£

l  ÆôÓÃÇ¿ÃÜÂëÕ½ÂÔ²¢ÉèÖÃΪ°´ÆÚÐ޸ġ£

3.4 ²Î¿¼Á´½Ó

https://httpd.apache.org/security/vulnerabilities_24.html

https://nvd.nist.gov/vuln/detail/CVE-2024-38472


ËÄ¡¢°æ±¾ÐÅÏ¢

°æ±¾

ÈÕÆÚ

±¸×¢

V1.0

2024-07-02

Ê×´ÎÐû²¼

 

 

Îå¡¢¸½Â¼

5.1 ×ðÁú¿­¹ÙÍøÈë¿Ú¼ò½é

×ðÁú¿­¹ÙÍøÈë¿Ú½¨ÉèÓÚ1996Äê £¬ÊÇÓÉÁôÃÀ²©Ê¿ÑÏÍû¼ÑŮʿ½¨ÉèµÄ¡¢ÓµÓÐÍêÈ«×ÔÖ÷֪ʶ²úȨµÄÐÅÏ¢Çå¾²¸ß¿Æ¼¼ÆóÒµ¡£ÊǺ£ÄÚ×î¾ßʵÁ¦µÄÐÅÏ¢Çå¾²²úÆ·¡¢Çå¾²·þÎñ½â¾ö¼Æ»®µÄÁ캽ÆóÒµÖ®Ò»¡£

¹«Ë¾×ܲ¿Î»ÓÚ±±¾©ÊÐÖйشåÈí¼þÔ°×ðÁú¿­¹ÙÍøÈë¿Ú´óÏà £¬¹«Ë¾Ô±¹¤6000ÓàÈË £¬Ñз¢ÍŶÓ1200ÓàÈË, ÊÖÒÕ·þÎñÍŶÓ1300ÓàÈË¡£ÔÚÌìϸ÷Ê¡¡¢ÊС¢×ÔÖÎÇøÉèÁ¢·ÖÖ§»ú¹¹ÁùÊ®¶à¸ö £¬ÓµÓÐÁýÕÖÌìϵÄÏúÊÛϵͳ¡¢ÇþµÀϵͳºÍÊÖÒÕÖ§³Öϵͳ¡£¹«Ë¾ÓÚ2010Äê6ÔÂ23ÈÕÔÚÉîÛÚÖÐС°å¹ÒÅÆÉÏÊС££¨¹ÉƱ´úÂ룺002439£©

¶àÄêÀ´ £¬×ðÁú¿­¹ÙÍøÈë¿ÚÖÂÁ¦ÓÚÌṩ¾ßÓйú¼Ê¾ºÕùÁ¦µÄ×ÔÖ÷Á¢ÒìµÄÇå¾²²úÆ·ºÍ×î¼Ñʵ¼ù·þÎñ £¬×ÊÖú¿Í»§ÖÜÈ«ÌáÉýÆäIT»ù´¡ÉèÊ©µÄÇå¾²ÐÔºÍÉú²úЧÄÜ £¬Îª´òÔìºÍÌáÉý¹ú¼Ê»¯µÄÃñ×åÐÅÏ¢Çå¾²¹¤ÒµÁì¾üÆ·Åƶø²»Ð¸Æ𾢡£

5.2 ¹ØÓÚ×ðÁú¿­¹ÙÍøÈë¿Ú

×ðÁú¿­¹ÙÍøÈë¿ÚÇå¾²Ó¦¼±ÏìÓ¦ÖÐÐÄÒÑÐû²¼1000¶à¸öÎó²îͨ¸æºÍΣº¦Ô¤¾¯ £¬ÎÒÃǽ«Ò»Á¬¸ú×ÙÈ«Çò×îеÄÍøÂçÇå¾²ÊÂÎñºÍÎó²î £¬ÎªÆóÒµµÄÐÅÏ¢Çå¾²±£¼Ý»¤º½¡£

¹Ø×¢ÎÒÃÇ£º

image.png