漏洞概要 关注数(24) 关注此漏洞
缺陷编号:wooyun-2013-026020
漏洞标题:佛山市公积金任意命令执行
相关厂商:佛山市公积金
漏洞作者: 曹操
提交时间:2013-06-15 20:26
修复时间:2013-07-30 20:26
公开时间:2013-07-30 20:26
漏洞类型:命令执行
危害等级:中
自评Rank:10
漏洞状态:已交由第三方合作机构(cncert国家互联网应急中心)处理
漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]
Tags标签: 无
漏洞详情
披露状态:
2013-06-15: 细节已通知厂商并且等待厂商处理中
2013-06-19: 厂商已经确认,细节仅向厂商公开
2013-06-29: 细节向核心白帽子及相关领域专家公开
2013-07-09: 细节向普通白帽子公开
2013-07-19: 细节向实习白帽子公开
2013-07-30: 细节向公众公开
简要描述:
如题
详细说明:
http://www.fsgjj.gov.cn/article.do?id=8a8a8a813bd5977b013bd662017f28e0
网站物理路径: D:\web\jzcms_gjj
java.home: D:\web\jdk1.6.0_13\jre
java.version: 1.6.0_13
os.name: Windows 2003
os.arch: x86
os.version: 5.2
user.name: SYSTEM
user.home: C:\Documents and Settings\Administrator
user.dir: C:\WINDOWS\system32
Windows IP Configuration
???: FSGJJ-WEB
OS ??: Microsoft(R) Windows(R) Server 2003, Enterprise Edition
OS ??: 5.2.3790 Service Pack 2 Build 3790
OS ???: Microsoft Corporation
OS ??: ?????
OS ????: Multiprocessor Free
??????: fsgjj-web
?????:
?? ID: 69813-640-8795085-45704
??????: 2012-6-9, 12:09:48
??????: 12 ? 8 ?? 32 ? 6 ?
?????: IBM
????: eserver xSeries 366-[8863I98]-
????: X86-based PC
???: ??? 4 ?????
[01]: x86 Family 15 Model 4 Stepping 1 GenuineIntel ~3669 Mhz
[02]: x86 Family 15 Model 4 Stepping 1 GenuineIntel ~3669 Mhz
[03]: x86 Family 15 Model 4 Stepping 1 GenuineIntel ~3669 Mhz
[04]: x86 Family 15 Model 4 Stepping 1 GenuineIntel ~3669 Mhz
BIOS ??: IBM - 1000
Windows ??: C:\WINDOWS
????: C:\WINDOWS\system32
????: \Device\HarddiskVolume1
??????: zh-cn;??(??)
???????: zh-cn;??(??)
??: (GMT+08:00) ??????????????????
??????: 4,095 MB
Ethernet adapter ????:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 10.10.10.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.10.10.254
Ethernet adapter ???? 2:
Connection-specific DNS Suffix . :
Autoconfiguration IP Address. . . : 169.254.107.116
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
<!--定义数据源-->
<!--
<bean id="jzsac_dataSource" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close">
<property name="driverClassName" value="com.microsoft.jdbc.sqlserver.SQLServerDriver">
</property>
<property name="url" value="jdbc:microsoft:sqlserver://10.10.10.2:1433;DatabaseName=jzsac">
</property>
<property name="username" value="jzsac#jzsac"></property>
<property name="password" value="jzsac#jzsac"></property>
漏洞证明:
http://www.fsgjj.gov.cn/article.do?id=8a8a8a813bd5977b013bd662017f28e0
网站物理路径: D:\web\jzcms_gjj
java.home: D:\web\jdk1.6.0_13\jre
java.version: 1.6.0_13
os.name: Windows 2003
os.arch: x86
os.version: 5.2
user.name: SYSTEM
user.home: C:\Documents and Settings\Administrator
user.dir: C:\WINDOWS\system32
Windows IP Configuration
???: FSGJJ-WEB
OS ??: Microsoft(R) Windows(R) Server 2003, Enterprise Edition
OS ??: 5.2.3790 Service Pack 2 Build 3790
OS ???: Microsoft Corporation
OS ??: ?????
OS ????: Multiprocessor Free
??????: fsgjj-web
?????:
?? ID: 69813-640-8795085-45704
??????: 2012-6-9, 12:09:48
??????: 12 ? 8 ?? 32 ? 6 ?
?????: IBM
????: eserver xSeries 366-[8863I98]-
????: X86-based PC
???: ??? 4 ?????
[01]: x86 Family 15 Model 4 Stepping 1 GenuineIntel ~3669 Mhz
[02]: x86 Family 15 Model 4 Stepping 1 GenuineIntel ~3669 Mhz
[03]: x86 Family 15 Model 4 Stepping 1 GenuineIntel ~3669 Mhz
[04]: x86 Family 15 Model 4 Stepping 1 GenuineIntel ~3669 Mhz
BIOS ??: IBM - 1000
Windows ??: C:\WINDOWS
????: C:\WINDOWS\system32
????: \Device\HarddiskVolume1
??????: zh-cn;??(??)
???????: zh-cn;??(??)
??: (GMT+08:00) ??????????????????
??????: 4,095 MB
Ethernet adapter ????:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 10.10.10.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.10.10.254
Ethernet adapter ???? 2:
Connection-specific DNS Suffix . :
Autoconfiguration IP Address. . . : 169.254.107.116
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
<!--定义数据源-->
<!--
<bean id="jzsac_dataSource" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close">
<property name="driverClassName" value="com.microsoft.jdbc.sqlserver.SQLServerDriver">
</property>
<property name="url" value="jdbc:microsoft:sqlserver://10.10.10.2:1433;DatabaseName=jzsac">
</property>
<property name="username" value="jzsac#jzsac"></property>
<property name="password" value="jzsac#jzsac"></property>
修复方案:
s2补丁
版权声明:转载请注明来源 曹操@乌云
漏洞回应
厂商回应:
危害等级:中
漏洞Rank:6
确认时间:2013-06-19 21:16
厂商回复:
最新状态:
暂无