Actu
Vigil@nce - Apache XML-RPC: file access via XML entities
October 2010 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
An attacker can provide XML data using an external entity, in
order to access to the content of a file or to create a denial of
service.
Severity: 2/4
Creation date: 04/10/2010
DESCRIPTION OF THE VULNERABILITY
XML data can contain external entities (DTD):
To validate the XML document, the program can replace these
entities by data coming from the file. When the program uses XML
data coming from an untrusted source, this behavior leads to:
– content disclosure from files of the server
– private web site scan
– a denial of service by opening a blocking file
However, Apache XML-RPC does not disable this feature for all
queries analyzd by its SAX parser.
When Apache XML-RPC processes XML data from a untrusted source, an
attacker can therefore access to files or create a denial of
service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Apache-XML-RPC-file-access-via-XML-entities-9992
