
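Vulnerability summary

Bug ID: wooyun-2010-0985

Title: ChinaHR (中华英才网) DNS zone transfer issue

Vendor: chinahr.com

Author: slashapp

Submitted: 2010-12-17 16:27

Fixed: 2010-12-17 16:44

Disclosed: 2010-12-17 16:44

Vulnerability type: Network sensitive information disclosure

Severity: Low

Self-assessed rank: 5

Status: Vendor could not be contacted, or vendor actively ignored the report

Source: http://www.wooyun.org; for questions or help, contact [email protected]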


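Vulnerability details

Disclosure status:

2010-12-17: Actively contacting the vendor and waiting for the vendor to claim the report; details not public
2010-12-17: The vendor has actively ignored the vulnerability; details disclosed to the public

Brief description:

DNS zone transfer

Detailed description:

Proof of vulnerability: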


> ls chinahr.com
[ns102.chinahr.com]

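Remediation:

Find an expert

Copyright notice: when reposting, please credit the source slashapp@WooYun


Vulnerability response

Vendor response:

Unable to contact the vendor, or the vendor actively refused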

