当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2012-010247

漏洞标题:大河网分站命令执行

相关厂商:大河网

漏洞作者: zhk

提交时间:2012-07-28 02:16

修复时间:2012-09-11 02:17

公开时间:2012-09-11 02:17

漏洞类型:系统/服务补丁不及时

危害等级:高

自评Rank:16

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:


漏洞详情

披露状态:

2012-07-28: 细节已通知厂商并且等待厂商处理中
2012-07-31: 厂商已经确认,细节仅向厂商公开
2012-08-10: 细节向核心白帽子及相关领域专家公开
2012-08-20: 细节向普通白帽子公开
2012-08-30: 细节向实习白帽子公开
2012-09-11: 细节向公众公开

简要描述:

大河网struts命令执行

详细说明:

大河网struts命令执行
http://jdwt.dahe.cn/
http://jdwt.dahe.cn/focus/admin/login.do

漏洞证明:

成功添加管理员zhktest

\\SVCTAG-5DC7Q2X ?????
-------------------------------------------------------------------------------
Administrator Guest SUPPORT_388945a0
zhktest


Interface: 192.168.1.174 --- 0x10003
Internet Address Physical Address Type
192.168.1.10 00-1c-54-23-18-8a dynamic
192.168.1.95 00-1e-c9-ea-a0-0f dynamic
192.168.1.151 00-23-ae-ec-a8-7c dynamic
192.168.1.157 00-26-b9-fb-2c-e4 dynamic
192.168.1.158 00-26-b9-fb-2d-90 dynamic
192.168.1.163 00-26-b9-fa-e0-30 dynamic
192.168.1.173 00-23-ae-fd-ae-48 dynamic
192.168.1.176 00-23-ae-fd-af-a0 dynamic
192.168.1.177 00-23-ae-fd-6d-24 dynamic
192.168.1.239 00-0d-56-b9-66-ca dynamic

????                       PID ???              ??#       ???? 
========================= ======== ================ =========== ============
System Idle Process 0 Console 0 28 K
System 4 Console 0 476 K
smss.exe 312 Console 0 524 K
csrss.exe 360 Console 0 2,776 K
winlogon.exe 384 Console 0 3,888 K
services.exe 432 Console 0 4,012 K
lsass.exe 444 Console 0 10,888 K
svchost.exe 652 Console 0 3,184 K
svchost.exe 716 Console 0 3,892 K
svchost.exe 788 Console 0 5,316 K
svchost.exe 824 Console 0 7,588 K
svchost.exe 840 Console 0 22,508 K
spoolsv.exe 968 Console 0 5,732 K
msdtc.exe 1164 Console 0 4,700 K
svchost.exe 1284 Console 0 2,572 K
NTRtScan.exe 1328 Console 0 5,896 K
svchost.exe 1376 Console 0 2,032 K
ConfigCenter.exe 1404 Console 0 6,404 K
HttpSvr.exe 1456 Console 0 10,100 K
rtxsvrmain.exe 1720 Console 0 6,808 K
r_server.exe 1784 Console 0 5,624 K
snmp.exe 1824 Console 0 5,156 K
TmListen.exe 1900 Console 0 5,264 K
HttpSvr.exe 2096 Console 0 9,984 K
CNTAoSMgr.exe 2488 Console 0 2,856 K
LicenseServer.exe 2540 Console 0 9,704 K
DBServer.exe 2584 Console 0 12,484 K
GroupServer.exe 2636 Console 0 6,968 K
ConnServer.exe 3044 Console 0 28,136 K
AppServer.exe 3056 Console 0 15,040 K
SDKServer.exe 3168 Console 0 10,852 K
SessionServer.exe 3740 Console 0 5,964 K
InfoServer.exe 4112 Console 0 7,736 K
FileServer.exe 4212 Console 0 21,896 K
UpgradeSvr.exe 4324 Console 0 24,768 K
GW.exe 4464 Console 0 5,676 K
AppManager.exe 4536 Console 0 8,664 K
DisGroupServer.exe 4548 Console 0 9,912 K
AppDllHost.exe 4848 Console 0 6,104 K
AppDllHost.exe 4860 Console 0 51,248 K
AppDllHost.exe 4940 Console 0 9,852 K
AppDllHost.exe 4948 Console 0 31,364 K
RCAServer.exe 4964 Console 0 15,944 K
RCAProxyFileServer.exe 5204 Console 0 25,576 K
svchost.exe 5536 Console 0 5,088 K
wmiprvse.exe 2064 Console 0 5,692 K
explorer.exe 1980 Console 0 17,508 K
MtxHotPlugService.exe 7000 Console 0 1,396 K
PccNTMon.exe 7012 Console 0 4,412 K
ctfmon.exe 7004 Console 0 3,640 K
conime.exe 7032 Console 0 2,664 K
ADSms.exe 7060 Console 0 9,228 K
mysqld.exe 7504 Console 0 10,284 K
baidu.exe 7748 Console 0 26,268 K
java.exe 6296 Console 0 581,620 K
logon.scr 5520 Console 0 2,004 K
wmiprvse.exe 4972 Console 0 6,164 K
tasklist.exe 6892 Console 0 4,252 K

修复方案:

打补丁

版权声明:转载请注明来源 zhk@乌云


漏洞回应

厂商回应:

危害等级:高

漏洞Rank:15

确认时间:2012-07-31 08:03

厂商回复:

非常感谢

最新状态:

暂无


漏洞评价:

评论