
Vulnerability summary

Defect ID: wooyun-2013-021602

Title: Sina vulnerability series, part 4: lax squid ACL configuration leads to information disclosure

Vendor: Sina

Author: cnbird

Submitted: 2013-04-11 16:36

Fixed: 2013-05-26 16:36

Published: 2013-05-26 16:36

Vulnerability type: improper system/service operations configuration

Severity: Medium

Self-assessed Rank: 10

Status: confirmed by vendor

Source: http://www.wooyun.org; for questions or help, contact [email protected]



Vulnerability details

Disclosure status:

2013-04-11: details sent to the vendor, awaiting vendor handling
2013-04-12: vendor confirmed; details disclosed to the vendor only
2013-04-22: details disclosed to core white hats and experts in the relevant field
2013-05-02: details disclosed to regular white hats
2013-05-12: details disclosed to intern white hats
2013-05-26: details disclosed to the public

Brief description:

Sina vulnerability series, part 4: lax squid ACL configuration leads to information disclosure
Lets us ops newbies learn what squid's hit ratios and cache policy actually look like
Request Hit Ratios: 5min: 34.5%, 60min: 41.0%
Byte Hit Ratios: 5min: 30.6%, 60min: 54.9%
Request Memory Hit Ratios: 5min: 65.4%, 60min: 43.7%
Request Disk Hit Ratios: 5min: 31.5%, 60min: 54.1%
Does this prove an IO bottleneck, or are the objects set too small to ever get hits? The hit ratio could be improved.
I'm just talking nonsense; hoping a professional Sina ops engineer will explain.


Proof of vulnerability:


root@bt:~# squidclient -h 123.125.104.36 -p 8080 mgr:info
HTTP/1.0 200 OK
Server: squid/2.7.STABLE9
Date: Thu, 11 Apr 2013 08:20:11 GMT
Content-Type: text/plain
Expires: Thu, 11 Apr 2013 08:20:11 GMT
X-Cache: MISS from tc-42-36.web.video.sina.com.cn
Connection: close
Squid Object Cache: Version 2.7.STABLE9
Start Time: Mon, 01 Apr 2013 10:56:46 GMT
Current Time: Thu, 11 Apr 2013 08:20:11 GMT
Connection information for squid:
Number of clients accessing cache: 11
Number of HTTP requests received: 38334201
Number of ICP messages received: 0
Number of ICP messages sent: 0
Number of queued ICP replies: 0
Request failure ratio: 0.00
Average HTTP requests per minute since start: 2691.4
Average ICP messages per minute since start: 0.0
Select loop called: 1417309818 times, 0.603 ms avg
Cache information for squid:
Request Hit Ratios: 5min: 34.5%, 60min: 41.0%
Byte Hit Ratios: 5min: 30.6%, 60min: 54.9%
Request Memory Hit Ratios: 5min: 65.4%, 60min: 43.7%
Request Disk Hit Ratios: 5min: 31.5%, 60min: 54.1%
Storage Swap size: 55639596 KB
Storage Mem size: 393060 KB
Mean Object Size: 10.76 KB
Requests given to unlinkd: 0
Median Service Times (seconds) 5 min 60 min:
HTTP Requests (All): 0.00865 0.01469
Cache Misses: 0.05046 0.05046
Cache Hits: 0.00000 0.00091
Near Hits: 0.00102 0.00179
Not-Modified Replies: 0.00000 0.00000
DNS Lookups: 0.00000 0.00278
ICP Queries: 0.00000 0.00000
Resource usage for squid:
UP Time: 854604.071 seconds
CPU Time: 41530.212 seconds
CPU Usage: 4.86%
CPU Usage, 5 minute avg: 2.28%
CPU Usage, 60 minute avg: 4.79%
Process Data Segment Size via sbrk(): 986324 KB
Maximum Resident Size: 0 KB
Page faults with physical i/o: 2
Memory usage for squid via mallinfo():
Total space in arena: 1321304 KB
Ordinary blocks: 1314800 KB 5396 blks
Small blocks: 0 KB 0 blks
Holding blocks: 42508 KB 6 blks
Free Small blocks: 0 KB
Free Ordinary blocks: 6503 KB
Total in use: 1357308 KB 100%
Total free: 6503 KB 0%
Total size: 1363812 KB
Memory accounted for:
Total accounted: 1054631 KB
memPoolAlloc calls: 2573528687
memPoolFree calls: 2557756141
File descriptor usage for squid:
Maximum number of file descriptors: 65535
Largest file desc currently in use: 25
Number of file desc currently in use: 22
Files queued for open: 0
Available number of file descriptors: 65513
Reserved number of file descriptors: 100
Store Disk files open: 1
IO loop method: epoll
Internal Data Structures:
5172141 StoreEntries
9308 StoreEntries with MemObjects
9302 Hot Object Cache Items
5172076 on-disk objects


Also affected:
squidclient -h 123.125.104.38 -p 8080 mgr:info
squidclient -h 123.125.104.39 -p 8080 mgr:info
Better check the rest yourselves; there are quite a few in this range.

Fix:

Just get the ops engineers on it.
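The report shows the cache manager interface (what squidclient's mgr:info talks to) answering on a public IP, which in Squid 2.7 happens when the http_access rules are ordered so that a broad allow matches before the manager rules. The following squid.conf fragment is an added example written for this page; it is not the reporter's output and not Sina's configuration, and the admin_net range and the 8080 listener are assumptions. It shows the weak ordering beside the corrected one:

```conf
# squid.conf fragment (Squid 2.7 syntax). Added example, not the
# reporter's or Sina's configuration. http_access rules are evaluated
# top to bottom and the first matching rule wins, so ordering matters.

http_port 8080                       # assumed listener, matches the report

# The cache manager uses the cache_object:// scheme; name it explicitly.
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl admin_net src 10.0.0.0/24        # assumed management network
acl all src 0.0.0.0/0.0.0.0          # Squid 2.x has no built-in "all"

# WEAK ordering (the pattern behind this report): a broad allow placed
# above the manager rules is matched first, so every client, including
# the Internet, can fetch mgr:info and the other manager pages.
#   http_access allow all
#   http_access allow manager localhost
#   http_access deny manager

# CORRECTED ordering: decide manager requests first, then everything else.
http_access allow manager localhost
http_access allow manager admin_net
http_access deny manager
# ... the service's own accelerator/site rules go here ...
http_access deny all

# Optional, if nobody needs the manager over the network at all:
# "disable" as the password turns the listed actions off for everyone,
# ACLs included (uncomment to use; localhost loses access too).
# cachemgr_passwd disable all
```

After reloading the configuration, a manager request from the proxy host itself (`squidclient -h 127.0.0.1 -p 8080 mgr:info`) should still return 200, while the same request from any address outside localhost and admin_net should come back as 403 Forbidden; that pair of checks is the quickest way to confirm the ACL order is right before putting the proxy back on a public address.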

Copyright notice: when reposting, credit the source: cnbird@WooYun


Vulnerability response

Vendor response:

Severity: Low

Vulnerability Rank: 3

Confirmed: 2013-04-12 15:43

Vendor reply:

Thanks for the report; it is already being handled.

Latest status:

None yet


Vulnerability evaluation:

Comments

  1. 2013-04-11 16:38 | 鬼魅羊羔 ( Regular white hat | Rank:299 Vulnerabilities:41 | (#‵′)凸(#‵′)凸(#‵′)凸(#‵′)凸(#‵...)

    Hello Uncle Bird, goodbye Uncle Bird.

  2. 2013-04-13 12:25 | Shady ( Passerby | Rank:24 Vulnerabilities:8 | Test)

    Little bird~~