Vulnerabilities > CVE-2000-0883 - Unspecified vulnerability in Mandrakesoft Mandrake Linux 6.1/7.0/7.1

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
mandrakesoft
nessus
exploit available

Summary

The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory.

Exploit-Db

descriptionMandrake 6.1/7.0/7.1 /perl http Directory Disclosure Vulnerability. CVE-2000-0883. Remote exploit for linux platform
idEDB-ID:20220
last seen2016-02-02
modified2000-09-11
published2000-09-11
reporteranonymous
sourcehttps://www.exploit-db.com/download/20220/
titleMandrake 6.1/7.0/7.1 /perl http Directory Disclosure Vulnerability

Nessus

  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2000-046.NASL
    descriptionThe configuration file, /etc/httpd/conf/addon-modules/mod_perl.conf contained an Options directive that was not entirely secure and allowed people to browse the /perl/ directory. This update adds the
    last seen2020-06-01
    modified2020-06-02
    plugin id61838
    published2012-09-06
    reporterThis script is Copyright (C) 2012-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/61838
    titleMandrake Linux Security Advisory : mod_perl (MDKSA-2000:046)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandrake Linux Security Advisory MDKSA-2000:046. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(61838);
      script_version("1.5");
      script_cvs_date("Date: 2019/08/02 13:32:46");
    
      script_cve_id("CVE-2000-0883");
      script_xref(name:"MDKSA", value:"2000:046");
    
      script_name(english:"Mandrake Linux Security Advisory : mod_perl (MDKSA-2000:046)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Mandrake Linux host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The configuration file, /etc/httpd/conf/addon-modules/mod_perl.conf
    contained an Options directive that was not entirely secure and
    allowed people to browse the /perl/ directory. This update adds the
    '-Indexes' directive to the Options command, thus making the directory
    non- browseable."
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected mod_perl package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mod_perl");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:6.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:7.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:7.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2000/09/11");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/09/06");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK6.1", cpu:"i386", reference:"mod_perl-1.21-17mdk", yank:"mdk")) flag++;
    
    if (rpm_check(release:"MDK7.0", cpu:"i386", reference:"mod_perl-1.21-21mdk", yank:"mdk")) flag++;
    
    if (rpm_check(release:"MDK7.1", cpu:"i386", reference:"mod_perl-1.22-29mdk", yank:"mdk")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyWeb Servers
    NASL idPERL_BROWSEABLE.NASL
    descriptionThe /perl directory is browsable. This will show you the name of the installed common perl scripts and those that are written by the webmaster and thus may be exploitable. This plugin has been deprecated. Webmirror3 (plugin ID 10662) will identify a browsable directory.
    last seen2017-01-01
    modified2016-12-30
    plugin id10511
    published2000-09-12
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=10511
    titlemod_perl for Apache HTTP Server /perl/ Directory Listing (deprecated)
    code
    #%NASL_MIN_LEVEL 999999
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # @DEPRECATED@
    #
    # Disabled on 2016/04/01. Webmirror3.nbin will identify browsable
    # directories.
    
    include("compat.inc");
    
    if(description)
    {
     script_id(10511);
     script_version ("1.24");
     script_cvs_date("Date: 2018/07/24 18:56:13");
    
     script_cve_id("CVE-2000-0883");
     script_bugtraq_id(1678);
    
     script_name(english:"mod_perl for Apache HTTP Server /perl/ Directory Listing (deprecated)");
     script_summary(english:"Checks if /perl browsable.");
     
     script_set_attribute(attribute:"synopsis", value:
    "This plugin has been deprecated.");
     script_set_attribute(attribute:"description", value:
    "The /perl directory is browsable. This will show you the name of the
    installed common perl scripts and those that are written by the
    webmaster and thus may be exploitable.
    
    This plugin has been deprecated. Webmirror3 (plugin ID 10662) will
    identify a browsable directory.");
     script_set_attribute(attribute:"solution", value:"n/a");
     script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
     script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
     script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required");
     script_set_attribute(attribute:"exploit_available", value:"false");
    
     script_set_attribute(attribute:"vuln_publication_date", value: "2000/09/11");
     script_set_attribute(attribute:"plugin_publication_date", value: "2000/09/12");
     
     script_set_attribute(attribute:"plugin_type", value:"remote");
     script_end_attributes();
     
     script_category(ACT_GATHER_INFO);
     script_family(english:"Web Servers");
    
     script_copyright(english:"This script is Copyright (C) 2000-2018 Tenable Network Security, Inc.");
    
     script_dependencie("http_version.nasl");
     script_require_ports("Services/www", 80);
    
     exit(0);
    }
    
    # Deprecated.
    exit(0, "This plugin has been deprecated. Webmirror3 (plugin ID 10662) will identify a browsable directory.");
    
    #
    # The script code starts here
    
    include("global_settings.inc");
    include("misc_func.inc");
    include("http.inc");
    
    port = get_http_port(default:80);
    
    r = http_send_recv3(method: "GET", item:"/perl/", port:port);
    if (isnull(r)) exit(1, "Server did not answer");
    
    if (" 200 " >< r[0])
    {
      buf = tolower(r[2]);
      must_see = "index of /perl";
    
      if (must_see >< buf)
      {
        security_warning(port);
        set_kb_item(name: 'www/'+port+'/content/directory_index', value: '/perl:');
      }
    }