CNVD-2016-05925

Vulnerability from cnvd - Published: 2016-08-03
VLAI Severity ?
Title
Z-BLOG Blind-XXE任意文件读取漏洞
Description
Z-Blog是由RainbowSoft Studio开发的一款基于Asp平台的Blog程序。 Z-Blog存在任意文件读取漏洞。/zb_system/xml-rpc/index.php直接调用simple_load_string解析XML,导致XML实体注入,攻击者利用漏洞可读取系统文件。
Severity
Patch Name
Z-BLOG Blind-XXE任意文件读取漏洞的补丁
Patch Description
Z-Blog是由RainbowSoft Studio开发的一款小巧而强大的基于Asp平台的Blog程序,其创始人为朱煊(网名:zx.asd)。/zb_system/xml-rpc/index.php 641行,直接调用simple_load_string解析XML,造成了一个XML实体注入。目前,厂商已经发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description

目前厂商已经发布了安全公告及相关升级补丁,修复了此安全问题,请到厂商主页下载: http://bbs.zblogcn.com/thread-88670-1-1.html

Reference
http://0day5.com/archives/3216
Impacted products
Name
Z-blog Z-blog
Show details on source website
To clipboard Create KEV Entry 

{
  "description": "Z-Blog\u662f\u7531RainbowSoft Studio\u5f00\u53d1\u7684\u4e00\u6b3e\u57fa\u4e8eAsp\u5e73\u53f0\u7684Blog\u7a0b\u5e8f\u3002\r\n\r\nZ-Blog\u5b58\u5728\u4efb\u610f\u6587\u4ef6\u8bfb\u53d6\u6f0f\u6d1e\u3002/zb_system/xml-rpc/index.php\u76f4\u63a5\u8c03\u7528simple_load_string\u89e3\u6790XML\uff0c\u5bfc\u81f4XML\u5b9e\u4f53\u6ce8\u5165\uff0c\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u53ef\u8bfb\u53d6\u7cfb\u7edf\u6587\u4ef6\u3002",
  "discovererName": "\u6ca1\u7a7f\u5e95\u88e4",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u5347\u7ea7\u8865\u4e01,\u4fee\u590d\u4e86\u6b64\u5b89\u5168\u95ee\u9898,\u8bf7\u5230\u5382\u5546\u4e3b\u9875\u4e0b\u8f7d:\r\nhttp://bbs.zblogcn.com/thread-88670-1-1.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-05925",
  "openTime": "2016-08-03",
  "patchDescription": "Z-Blog\u662f\u7531RainbowSoft Studio\u5f00\u53d1\u7684\u4e00\u6b3e\u5c0f\u5de7\u800c\u5f3a\u5927\u7684\u57fa\u4e8eAsp\u5e73\u53f0\u7684Blog\u7a0b\u5e8f\uff0c\u5176\u521b\u59cb\u4eba\u4e3a\u6731\u714a(\u7f51\u540d\uff1azx.asd)\u3002/zb_system/xml-rpc/index.php 641\u884c\uff0c\u76f4\u63a5\u8c03\u7528simple_load_string\u89e3\u6790XML\uff0c\u9020\u6210\u4e86\u4e00\u4e2aXML\u5b9e\u4f53\u6ce8\u5165\u3002\u76ee\u524d\uff0c\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Z-BLOG Blind-XXE\u4efb\u610f\u6587\u4ef6\u8bfb\u53d6\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Z-blog Z-blog"
  },
  "referenceLink": "http://0day5.com/archives/3216",
  "serverity": "\u4e2d",
  "submitTime": "2015-07-08",
  "title": "Z-BLOG Blind-XXE\u4efb\u610f\u6587\u4ef6\u8bfb\u53d6\u6f0f\u6d1e"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.