当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0112929

漏洞标题:财富中国某服务配置不当导致信息泄露

相关厂商:财富中国

漏洞作者: depycode

提交时间:2015-05-18 14:20

修复时间:2015-07-06 17:46

公开时间:2015-07-06 17:46

漏洞类型:系统/服务运维配置不当

危害等级:高

自评Rank:20

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-05-18: 细节已通知厂商并且等待厂商处理中
2015-05-22: 厂商已经确认,细节仅向厂商公开
2015-06-01: 细节向核心白帽子及相关领域专家公开
2015-06-11: 细节向普通白帽子公开
2015-06-21: 细节向实习白帽子公开
2015-07-06: 细节向公众公开

简要描述:

RT..

详细说明:

E:\>squidclient.exe -h www.3158.com -p 80 mgr:
HTTP/1.1 200 OK
Server: PowerCDN/4.1
Mime-Version: 1.0
Date: Fri, 08 May 2015 10:22:56 GMT
Content-Type: text/plain
Expires: Fri, 08 May 2015 10:22:56 GMT
Last-Modified: Fri, 08 May 2015 10:22:56 GMT
X-Cache: MISS from dg193.powercdn.com
Via: 1.1 dg193.powercdn.com (PowerCDN/4.1)
Connection: close
 index                  Cache Manager Interface                 public
 menu                   Cache Manager Menu                      public
 offline_toggle         Toggle offline_mode setting             hidden
 shutdown               Shut Down the Squid Process             hidden
 reconfigure            Reconfigure Squid                       hidden
 rotate                 Rotate Squid Logs                       hidden
 cached_ssl_cert        Statistic of cached generated ssl certificates  public
 pconn                  Persistent Connection Utilization Histograms    public
 mem                    Memory Utilization                      public
 squidaio_counts        Async IO Function Counters              public
 diskd                  DISKD Stats                             public
 config                 Current Squid Configuration             hidden
 client_list            Cache Client List                       public
 comm_epoll_incoming    comm_incoming() stats                   public
 ipcache                IP Cache Stats and Contents             public
 fqdncache              FQDN Cache Stats and Contents           public
 idns                   Internal DNS Statistics                 public
 redirector             URL Redirector Stats                    public
 store_id               StoreId helper Stats                    public
 basicauthenticator     Basic User Authenticator Stats          public
 external_acl           External ACL stats                      public
 http_headers           HTTP Header Statistics                  public
 info                   General Runtime Information             public
 service_times          Service Times (Percentiles)             public
 filedescriptors        Process Filedescriptor Allocation       public
 objects                All Cache Objects                       public
 vm_objects             In-Memory and In-Transit Objects        public
 io                     Server-side network read() size histograms      public
 counters               Traffic and Resource Counters           public
 peer_select            Peer Selection Algorithms               public
 digest_stats           Cache Digest and ICP blob               public
 5min                   5 Minute Average of Counters            public
 60min                  60 Minute Average of Counters           public
 utilization            Cache Utilization                       public
 histograms             Full Histogram Counts                   public
 active_requests        Client-side Active Requests             public
 username_cache         Active Cached Usernames                 public
 openfd_objects         Objects with Swapout files open         public
 store_digest           Store Digest                            public
 store_log_tags         Histogram of store.log tags             public
 storedir               Store Directory Stats                   public
 store_io               Store IO Interface Stats                public
 store_check_cachable_stats     storeCheckCachable() Stats              public
 refresh                Refresh Algorithm Statistics            public
 delay                  Delay Pool Levels                       public
 forward                Request Forwarding Statistics           public
 cbdata                 Callback Data Registry Contents         public
 events                 Event Queue                             public
 asndb                  AS Number Database                      public
 carp                   CARP information                        public
 userhash               peer userhash information               public
 sourcehash             peer sourcehash information             public
 server_list            Peer Cache Statistics                   public


server_list:


截取部分

Parent     : n_40_6_664_4182_163177128170_80
Host       : 163.177.128.170/80/0
Flags      : no-query no-netdb-exchange originserver connection-auth=auto
Address[0] : 163.177.128.170
Status     : Up
FETCHES    : 234
OPEN CONNS : 0
AVG RTT    : 0 msec
IGNORED    :        0   0%
DOMAIN LIST: .3158mj.com 
keep-alive ratio: 100%
Parent     : n_40_50_153_4446_2111476211_80
Host       : 211.147.6.211/80/0
Flags      : no-query no-netdb-exchange originserver connection-auth=auto
Address[0] : 211.147.6.211
Status     : Up
FETCHES    : 43
OPEN CONNS : 0
AVG RTT    : 0 msec
IGNORED    :        0   0%
DOMAIN LIST: .2307.com 
keep-alive ratio: 100%
Parent     : n_40_201_1147_4805_2111476197_80
Host       : 211.147.6.197/80/0
Flags      : no-query no-netdb-exchange originserver connection-auth=auto
Address[0] : 211.147.6.197
Status     : Up
FETCHES    : 10
OPEN CONNS : 0
AVG RTT    : 0 msec
IGNORED    :        0   0%
DOMAIN LIST: .yanglemei.com 
keep-alive ratio: 0%
Parent     : n_40_6_130_201_2111005285_80
Host       : 211.100.52.85/80/0
Flags      : no-query no-netdb-exchange originserver connection-auth=auto
Address[0] : 211.100.52.85
Status     : Up
FETCHES    : 0
OPEN CONNS : 0
AVG RTT    : 0 msec
IGNORED    :        0   0%
DOMAIN LIST: .518958.com 
keep-alive ratio: 0%


111111.jpg


漏洞证明:

111111.jpg

修复方案:

版权声明:转载请注明来源 depycode@乌云

漏洞回应

厂商回应:

危害等级:低

漏洞Rank:1

确认时间:2015-05-22 17:45

厂商回复:

基本无公害!还是感谢关心!

最新状态:

2015-05-22:还有我们的主站是www.3158.cn !!!com域名虽然也是我们的,但目前来说不是主站,而且在服务器和程序上没有任何关联!!!

漏洞评价:

评论