当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0116905

漏洞标题:科易网主站服务器存在心脏滴血

相关厂商:1633.com

漏洞作者: 路人甲

提交时间:2015-05-29 12:29

修复时间:2015-06-03 12:30

公开时间:2015-06-03 12:30

漏洞类型:重要敏感信息泄露

危害等级:高

自评Rank:20

漏洞状态:漏洞已经通知厂商但是厂商忽略漏洞

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-05-29: 细节已通知厂商并且等待厂商处理中
2015-06-03: 厂商已经主动忽略漏洞,细节向公众公开

简要描述:

.

详细说明:

http://www.1633.com/

C:\Users\Administrator>ping www.1633.com
正在 Ping www.1633.com [42.120.61.143] 具有 32 字节的数据:
来自 42.120.61.143 的回复: 字节=32 时间=79ms TTL=42
来自 42.120.61.143 的回复: 字节=32 时间=78ms TTL=42
来自 42.120.61.143 的回复: 字节=32 时间=78ms TTL=42
来自 42.120.61.143 的回复: 字节=32 时间=77ms TTL=42
42.120.61.143 的 Ping 统计信息:
    数据包: 已发送 = 4,已接收 = 4,丢失 = 0 (0% 丢失),
往返行程的估计时间(以毫秒为单位):
    最短 = 77ms,最长 = 79ms,平均 = 78ms
C:\Users\Administrator>


42.120.61.143

[*] 42.120.61.143:443 - Printable info leaked: Ug;),6N<[c,f"!98532ED/Ako) Chrome/31.0.1650.48 Safari/537.36Accept: */*Referer: https://login.keyibao.com/?ret=https%3a%2f%2f112.124.4.41%2fmy%2fAccept-Encoding: gzip,deflateAccept-Language: en-us,enAccept-Charset: iso-8859-1,*,utf-8&Qd6LezdS1T8lHF8=1432866847; Hm_lpvt_9b77606e204c6e475026396f4c39f548=1432866847; Hm_lvt_d831f6345626109cefbd8045f1a557b8=1432866847; Hm_lpvt_d831f6345626109cefbd8045f1a557b8=1432866847; http_wwwkeyibaocom=1; _ga=GA1.2.711565488.1432866847; SERVERID=5b8ce779310303ef8b9ba6ffe6f3603c|1432868024|1432868024n=j4PhUz9xX[d'GLmG4p`R$".*>);3`3_aBO7u""9y_1/`&zmSNdFw/&g^+ J,?/:1j%e7%bb%9c%e7%a7%91%e6%8a%80%e6%9c%89%e9%99%90%e5%85%ac%e5%8f%b8>|yvwt;F4Rfy/%{cbR('u5189gIXK`l&e2d?`0/*#f<unGpan><span id="c_388"><a href="/tec/388/" ></a></span><span id="c_389"><a href="/tec/389/" ></a></span><span id="c_390"><a href="/tec/390/" ></a></span><span id="c_391"><a href="/tec/391/" ></a></span><span id="c_392"><a href="/tec/392/" ></a></span><span id="c_393"><a href="/tec/393/" ></a></span><span id="c_535"><a href="/tec/535/" ></a></span><span id="c_537"><a href="/tec/537/" ></a></span><span id="c_568"><a href="/tec/568/" ></a></span></div> <div class="dw clearfix" id="d_4" style="display: none;"><span id="c_4"><a href="/tec/4/" ></a></span><span id="c_57"><a href="/tec/57/" ></a></span><span id="c_58"><a href="/tec/58/" ></a></span><span id="c_61"><a href="/tec/61/" ></a></span><span id="c_62"><a href="/tec/62/" ></a></span><span id="c_65"><a href="/tec/65/" ></a></span><span id="c_304"><a href="/tec/304/" ></a></span><span id="c_305"><a href="/tec/305/" ></a></span><span id="c_396"><a href="/tec/396/" ></a></span><span id="c_397"><a href="/tec/397/" ></a></span><span id="c_398"><a href="/tec/398/" ></a></span><span id="c_399"><a href="/tec/399/" ></a></span><span id="c_400"><a href="/tec/400/" ></a></span></div> <div class="dw clearfix" id="d_5" style="display: none;"><span id="c_5"><a href="/tec/5/" ></a></span><span id="c_63"><a href="/tec/63/" ></a></span><span id="c_67"><a href="/tec/67/" ></a></span><span id="c_68"><a href="/tec/68/" ></a></span><span id="c_72"><a href="/tec/72/" ></a></span><span id="c_73"><a href="/tec/73/" ></a></span><span id="c_307"><a href="/tec/307/" ></a></span><span id="c_308"><a href="/tec/308/" ></a></span><span id="c_401"><a href="/tec/401/" ></a></span><span id="c_402"><a href="/tec/402/" ></a></span><span id="c_573"><a href="/tec/573/" ></a></span><span id="c_574"><a href="/tec/574/" ></a></span></div> <div class="dw clearfix" id="d_7" style="display: none;"><span id="c_7"><a href="/tec/7/" ></a></span><span id="c_85"><a href="/tec/85/" ></a></span><span id="c_86"><a href="/tec/86/" ></a></span><span id="c_528"><a href="/tec/528/" ></a></span><span id="c_529"><a href="/tec/529/" ></a></span><span id="c_532"><a href="/tec/532/" ></a></span><span id="c_551"><a href="/tec/551/" ></a></span><span id="c_558"><a href="/tec/558/" ></a></span><span id="c_559"><a href="/tec/559/" ></a></span></div> <div class="dw clearfix" id="d_15" style="display: none;"><span id="c_15"><a href="/tec/15/" ></a></span><span id="c_140"><a href="/tec/140/" ></a></span><span id="c_413"><a href="/tec/413/" ></a></span><span id="c_515"><a href="/tec/515/" ></a></span><span id="c_516"><a href="/tec/516/" ></a></span><span id="c_517"><a href="/tec/517/" ></a></span><span id="c_518"><a href="/tec/518/" ></a></span><span id="c_519"><a href="/tec/519/" ></a></span><span id="c_520"><a href="/tec/520/" ></a></span><span id="c_521"><a href="/tec/521/" ></a></span><span id="c_522"><a href="/tec/522/" ></a></span></div> <div class="dw clearfix" id="d_17" style="display: none;"><span id="c_17"><a href="/tec/17/" ></a></span><span id="c_416"><a href="/tec/416/" > </a></span><span id="c_474"><a href="/tec/474/" ></a></span><span id="c_475"><a href="/tec/475/" ></a></span><span id="c_476"><a href="/tec/476/" ></a></span><span id="c_477"><a href="/tec/477/" ></a></span><span id="c_478"><a href="/tec/478/" ></a></span><span id="c_479"><a href="/tec/479/" ></a></span><span id="c_543"><a href="/tec/543/" ></a></span></div> <div class="dw clearfix" id="d_18" style="display: none;"><span id="c_18"><a href="/tec/18/" ></a></span><span id="c_159"><a href="/tec/159/" ></a></span><span id="c_160"><a href="/tec/160/" ></a></span><span id="c_300"><a href="/tec/300/" ></a></span><span id="c_339"><a href="/tec/339/" ></a></span><span id="c_340"><a href="/tec/340/" ></a></span><span id="c_341"><a href="/tec/341/" ></a></span><span id="c_344"><a href="/tec/344/" ></a></span><span id="c_345"><a href="/tec/345/" ></a></span><span id="c_346"><a href="/tec/346/" ></a></span><span id="c_417"><a href="/tec/417/" ></a></span><span id="c_418"><a href="/tec/418/" ></a></span><span id="c_419"><a href="/tec/419/" >/</a></span><span id="c_420"><a href="/tec/420/" ></a></span><span id="c_421"><a href="/tec/421/" ></a></span><span id="c_422"><a href="/tec/422/" ></a></span><span id="c_423"><a href="/tec/423/" ></a></span><span id="c_424"><a href="/tec/424/" >/</a></span><span id="c_425"><a href="/tec/425/" ></a></span><span id="c_426"><a href="/tec/426/" ></a></span><span id="c_427"><a href="/tec/427/" ></a></span><span id="c_428"><a href="/tec/428/" ></a></span><span id="c_523"><a href="/tec/523/" ></a></span></div> <div class="dw clearfix" id="d_19" style="display: none;"><span id="c_19"><a href="/tec/19/" ></a></span><span id="c_161"><a href="/tec/161/" ></a></span><span id="c_163"><a href="/tec/163/" ></a></span><span id="c_167"><a href="/tec/167/" ></a></span><span id="c_348"><a href="/tec/348/" ></a></span><span id="c_480"><a href="/tec/480/" ></a></span><span id="c_481"><a href="/tec/481/" ></a></span><span id="c_482"><a href="/tec/482/" ></a></span><span id="c_544"><a href="/tec/544/" ></a></span><span id="c_548"><a href="/tec/548/" ></a></span><span id="c_557"><a href="/tec/557/" ></a></span></div><div class="diyiji"><span id="s_20"><em><a href="/tec/20/"></a></em></span><span id="s_25"><em><a href="/tec/25/"></a></em></span><span id="s_26"><em><a href="/tec/26/"></a></em></span><span id="s_31"><em><a href="/tec/31/"></a></em></span><span id="s_375"><em><a href="/tec/375/"></a></em></span><span id="s_456"><em><a href="/tec/456/"></a></em></span><span id="s_457"><em><a href="/tec/457/"></a></em></span><span id="s_458"><em><a href="/tec/458/"></a></em></span><span id="s_459"><em><a href="/tec/459/"></a></em></span></div><div class="clear"></div> <div class="dw clearfix" id="d_20" style="display: none;"><span id="c_20"><a href="/tec/20/" ></a></span><span id="c_168"><a href="/tec/168/" ></a></span><span id="c_169"><a href="/tec/169/" ></a></span><span id="c_170"><a href="/tec/170/" ></a></span><span id="c_171"><a href="/tec/171/" ></a></span><span id="c_172"><a href="/tec/172/" ></a></span><span id="c_173"><a href="/tec/173/" ></a></span><span id="c_174"><a href="/tec/174/" ></a></span><span id="c_430"><a href="/tec/430/" ></a></span><span id="c_432"><a href="/tec/432/" ></a></span><span id="c_556"><a href="/tec/556/" ></a></span></div> <div class="dw clearfix" id="d_25" style="display: none;"><span id="c_25"><a href="/tec/25/" ></a></span><span id="c_194"><a href="/tec/194/" ></a></span><span id="c_195"><a href="/tec/195/" ></a></span><span id="c_197"><a href="/tec/197/" ></a></span><span id="c_198"><a href="/tec/198/" ></a></span><span id="c_200"><a href="/tec/200/" ></a></span><span id="c_360"><a href="/tec/360/" ></a></span><span id="c_361"><a href="/tec/361/" ></a></span><span id="c_362"><a href="/tec/362/" ></a></span><span id="c_363"><a href="/tec/363/" ></a></span><span id="c_440"><a href="/tec/440/" ></a></span><span id="c_441"><a href="/tec/441/" ></a></span><span id="c_442"><a href="/tec/442/" ></a></span><span id="c_575"><a href="/tec/575/" ></a></span><span id="c_576"><a href="/tec/576/" ></a></span></div> <div class="dw clearfix" id="d_26" style="display: none;"><span id="c_26"><a href="/tec/26/" ></a></span><span id="c_205"><a href="/tec/205/" ></a></span><span id="c_206"><a href="/tec/206/" ></a></span><span id="c_207"><a href="/tec/207/" ></a></span><span id="c_577"><a href="/tec/577/" ></a></span><span id="c_578"><a href="/tec/578/" ></a></span></div> <div class="dw clearfix" id="d_31" style="display: none;"><span id="c_31"><a href="/tec/31/" ></a></span><span id="c_525"><a href="/tec/525/" ></a></span><span id="c_526"><a href="/tec/526/" ></a></span><span id="c_527"><a href="/tec/527/" ></a></span><span id="c_562"><a href="/tec/562/" ></a></span><span id="c_563"><a href="/tec/563/" ></a></span><span id="c_564"><a href="/tec/564/" ></a></span><span id="c_565"><a href="/tec/565/" ></a></span><span id="c_566"><a href="/tec/566/" ></a></span></div> <div class="dw clearfix" id="d_375" style="display: none;"><span id="c_375"><a href="/tec/375/" ></a></span><span id="c_376"><a href="/tec/376/" ></a></span><span id="c_377"><a href="/tec/377/" ></a></span><span id="c_378"><a href="/tec/378/" ></a></span><span id="c_381"><a href="/tec/381/" ></a></span><span id="c_382"><a href="/tec/382/" ></a></span><span id="c_473"><a href="/tec/473/" ></a></span></div> <div class="dw clearfix" id="d_456" style="display: none;"><span id="c_456"><a href="/tec/456/" ></a></span><span id="c_286"><a href="/tec/286/" ></a></span><span id="c_291"><a href="/tec/291/" ></a></span><span id="c_465"><a href="/tec/465/" ></a></span><span id="c_466"><a href="/tec/466/" ></a></span><span id="c_467"><a href="/tec/467/" >/</a></span><span id="c_468"><a href="/tec/468/" ></a></span><span id="c_469"><a href="/tec/469/" ></a></span><span id="c_470"><a href="/tec/470/" ></a></span><span id="c_471"><a href="/tec/471/" ></a></span><span id="c_472"><a href="/tec/472/" ></a></span></div> <div class="dw clearfix" id="d_457" style="display: none;"><span id="c_457"><a href="/tec/457/" ></a></span><span id="c_483"><a href="/tec/483/" ></a></span><span id="c_484"><a href="/tec/484/" ></a></span><span id="c_485"><a href="/tec/485/" ></a></span><span id="c_486"><a href="/tec/486/" ></a></span><span id="c_487"><a href="/tec/487/" ></a></span><span id="c_488"><a href="/tec/488/" ></a></span><span id="c_547"><a href="/tec/547/" ></a></span></div> <div class="dw clearfix" id="d_458" style="display: none;"><span id="c_458"><a href="/tec/458/" ></a></span><span id="c_489"><a href="/tec/489/" ></a></span><span id="c_491"><a href="/tec/491/" ></a></span><span id="c_492"><a href="/tec/492/" ></a></span><span id="c_493"><a href="/tec/493/" ></a></span><span id="c_494"><a href="/tec/494/" ></a></span><span id="c_495"><a href="/tec/495/" ></a></span><span id="c_496"><a href="/tec/496/" ></a></span><span id="c_553"><a href="/tec/553/" ></a></span><span id="c_554"><a href="/tec/554/" ></a></span><span id="c_579"><a href="/tec/579/" ></a></span></div> <div class="dw clearfix" id="d_459" style="display: none;"><span id="c_459"><a href="/tec/459/" ></a></span><span id="c_497"><a href="/tec/497/" ></a></span><span id="c_500"><a href="/tec/500/" ></a></span><span id="c_501"><a href="/tec/501/" ></a></span><span id="c_502"><a href="/tec/502/" ></a></span><span id="c_503"><a href="/tec/503/" ></a></span><span id="c_504"><a href="/tec/504/" ></a></span><span id="c_505"><a href="/tec/505/" ></a></span><span id="c_546"><a href="/tec/546/" ></a></span><span id="c_561"><a href="/tec/561/" ></a></span></div><div class="diyiji"><span id="s_460"><em><a href="/tec/460/"></a></em></span><span id="s_461"><em><a href="/tec/461/"></a></em></span><span id="s_462"><em><a href="/tec/462/"></a></em></span><span id="s_463"><em><a href="/tec/463/"></a></em></span><span id="s_464"><em><a href="/tec/464/"></a></em></span></div><div class="clear"></div> <div class="dw clearfix" id="d_460" style="display: none;"><span id="c_460"><a href="/tec/460/" ></a></span><span id="c_506"><a href="/tec/506/" ></a></span><span id="c_507"><a href="/tec/507/" ></a></span><span id="c_508"><a href="/tec/508/" ></a></span><span id="c_509"><a href="/tec/509/" ></a></span><span id="c_510"><a href="/tec/510/" ></a></span><span id="c_545"><a href="/tec/545/" ></a></span><span id="c_567"><a href="/tec/567/" ></a></span></div> <div class="dw clearfix" id="d_461" style="display: none;"><span id="c_461"><a href="/tec/461/" ></a></span><span id="c_192"><a href="/tec/192/" ></a></span><span id="c_511"><a href="/tec/511/" ></a></span><span id="c_512"><a href="/tec/512/" ></a></span><span id="c_552"><a href="/tec/552/" ></a></span><span id="c_569"><a href="/tec/569/" ></a></span><span id="c_570"><a href="/tec/570/" ></a></span><span id="c_571"><a href="/tec/571/" ></a></span><span id="c_572"><a href="/tec/572/" ></a></span></div> <div class="dw clearfix" id="d_462" style="display: none;"><span id="c_462"><a href="/tec/462/" ></a></span><span id="c_233"><a href="/tec/233/" ></a></span><span id="c_234"><a href="/tec/234/" ></a></span><span id="c_235"><a href="/tec/235/" ></a></span><span id="c_236"><a href="/tec/236/" ></a></span><span id="c_237"><a href="/tec/237/" ></a></span><span id="c_238"><a href="/tec/238/" ></@a></span><span id="c_241"><a href="/tec/241/" ></a></span><span id="c_370"><a href="/tec/370/" ></a></span><span id="c_371"><a href="/tec/371/" ></a></span><span id="c_372"><a href="/tec/372/" ></a></span><span id="c_373"><a href="/tec/373/" ></a></span><span id="c_549"><a href="/tec/549/" ></a></span><span id="c_550"><a href="/tec/550/" ></a></span><span id="c_555"><a href="/tec/555/" ></a></span></div> <div class="dw clearfix" id="d_463" style="display: none;"><span id="c_463"><a href="/tec/463/" ></a></span><span id="c_176"><a href="/tec/176/" ></a></span><span id="c_179"><a href="/tec/179/" ></a></span><span id="c_180"><a href="/tec/180/" ></a></span><span id="c_181"><a href="/tec/181/" ></a></span><span id="c_353"><a href="/tec/353/" ></a></span><span id="c_354"><a href="/tec/354/" ></a></span><span id="c_355"><a href="/tec/355/" ></a></span><span id="c_435"><a href="/tec/435/" ></a></span><span id="c_436"><a href="/tec/436/" ></a></span><span id="c_533"><a href="/tec/533/" ></a></span><span id="c_534"><a href="/tec/534/" ></a></span><span id="c_560"><a href="/tec/560/" ></a></span></div> <div class="dw clearfix" id="d_464" style="display: none;"><span id="c_464"><a href="/tec/464/" ></a></span><span id="c_127"><a href="/tec/127/" ></a></span><span id="c_258"><a href="/tec/258/" ></a></span><span id="c_538"><a href="/tec/538/" ></a></span><span id="c_539"><a href="/tec/539/" ></a></span><span id="c_540"><a href="/tec/540/" ></a></span><span id="c_541"><a href="/tec/541/" ></a></span><span id="c_542"><a href="/tec/542/" ></a></span></div>EEyGjGIzGGu?{?EEyGjGIzGGazGxGzGxGszGxGzzGxGu?0Ea{N^yG~IzG&{=azGKvzG`]szGY(zzG8ua{N^yG0yG~IzG&{=uuyGGyGjGIzGGuuyGGyGjGIzGGazGxGzGxGszGxGzzGxGua{N^yG0yG~IzG&{=azGKvzG`]szGY(zzG80a{N^yG~IzG&{=yGjGIzGGyGjGIzGGazGxGzGxGszGxGzzGxG0a{N^yG~IzG&{=azGKvzG`]szGY(zzG8:0ha{N^yG~IzG&{=:@hhyGjGIzGG:@hhyGjGIzGGazGxGzGxGszGxGzzGxG:0ha{N^yG~IzG&{=azGKvzG`]szGY(zzG8*0a{N^yG~IzG&{=*0yGjGIzGG*0yGjGIzGGazGxGzGxGszGxGzzGxG*0a{N^yG~IzG&{=azGKvzG`]szGY(zzG8Z0a{N^yG~IzG&{=Z`yGjGIzGGZ`yGjGIzGGazGxGzGxGszGxGzzGxGZ0a{N^yG~IzG&{=azGKvzG`]szGY(zzG8.a{N^yG0yG~IzG&{=..yGGyGjGIzGG..yGGyGjGIzGGazGxGzGxGszGxGzzGxG.a{N^yG0yG~IzG&{=azGKvzG`]szGY(zzG8B0Ja{N^yG~IzG&{=BBJJyGjGIzGGBBJJyGjGIzGGazGxGzGxGszGxGzzGxGB0Ja{N^yG~IzG&{=azGKvzG`]szGY(zzG8GGFBGETGl&6GGFBGETGl&6.G?@GFBh``` GGFBGETGl&6GGFBGETGl&6.G?@GFBhGGFBGETGl&6GGFBGETGl&6.G?@GFBGGFBGETGl&6GGFBGETGl&6.G?@GFBGGFBGETGl&6GGFBGETGl&6.G?@GFB@GGGFBGETGl&6GGFBGETGl&6.G?@GFBrGGFBGETGl&6GGFBGETGl&6.G?@GFBGGFBGETGl&6GGFBGETGl&6.G?@GFBGGFBGETGl&6GGFBGETGl&6.G?@GFB0GGFBGETGl&6GGFBGETGl&6.G?@GFB>rewrite^/news/templets/(.*)/templetsGGFBGETGl&6GGFBGETGl&6.G?@GFB/:L222.76.213.204:826-ifGGFBGETGl&6GGFBGETGl&6.G?@GFB?@@@@AGGFBGETGl&6GGFBGETGl&6.G?@GFB0u0udGGFBGETGl&6GGFBGETGl&6.G?@GFBGGFBGETGl&6GGFBGETGl&6.G?@GFB``` @GGFBGETGl&6GGFBGETGl&6.G?@GFBhGGFBGETGl&6GGFBGETGl&6.G?@GFBGGFBGETGl&6GGFBGETGl&6.G?@GFBGGFBGETGl&6GGFBGETGl&6.G?@GFB@GGGFBGETGl&6GGFBGETGl&6.G?@GFBrGGFBGETGl&6GGFBGETGl&6.G?@GFBGGFBGETGl&6GGFBGETGl&6.G?@GFBGG@((???@@@?p<*2CA!xG10.159.63.145z~ xAAPUa j;?YH?i!GH.Q_x[EHTTP,0gU1V|PPK}A!\@|@*EXFEGXFXFFEGhttp://aspx_1633_pool/JeC!DeCXGDHost: DDDx-real-IP: DDDConnection: closeDContent-Length: DDKeC!DeCeC!DeCeCeC!DeCeC!DeCeCeC!DeCKKL@Lhcontent-lengthkeep-alivehosttransfer-encodingx-real-ipconnectionXexpectupgrade@LXF MEGhttp://mall_1633_pool/PeC!DeCMDHost: DDDx-real-IP: DDDConnection: closeDContent-Length: DD @ pQeC!DeCeC!DeCeCeC!DeCeC!DeCeCeC!DeCrR@RRRcontent-lengthkeep-alivehosttransfer-encodingx-real-ipconnectionexpectupgrade8SXFSEGhttp://10.132.63.221:8080/WeC!DeC@TDx-real-IP: DDDHost: DDDConnection: closeDContent-Length: DDP@hxGXeC!DeCeC!DeCeCeC!DeCeC!DeCeCeC!DeC /zk/$1breakERCPT0zk/_XXY@YWX(content-lengthkeep-alivehosttransfer-encoding13.20Yx-real-ipconnection76.226ifexpectupgradepYZYXFZEGhttp://dev_1633_pool/p]eC!DeCZDHost: DDDx-real-IP: DDDConnection: closeDContent-Length: DD`` 0u0udp^eC!DeCeC!DeCeCeC!DeCeC!DeCeCeC!DeC^_@__content-lengthkeep-alive`hosttransfer-encoding x-real-ipconnectionexpectupgrade@l `XFx`EGhttp://10.160.12.63:801/`XFaEGhttp://222.76.213.202:809/XaXFaEGhttp://aspx_1633_pool/aXFHbEGhttp://aspx_1633_pool/bXFbEGhttp://aspx_1633_pool/ cXFxcEGhttp://aspx_1633_pool/cXFdEGhttp://222.76.213.202:809/XdXFdEGhttp://222.76.213.202:809/dXFPeEGhttp://tec_1633_pool/eXFeEGhttp://www_1633_pool/Xf/usr/local/nginx/fastcgi_tempg@ggghstatusx-accel-bufferingx-accel-limit-ratex-accel-expires``x-accel-charsetx-accel-redirecth/usr/local/nginx/fastcgi_tempiij@jjstatusx-accel-bufferingx-accel-limit-ratex-accel-expiresx-accel-charsetx-accel-redirecthxG8k/usr/local/nginx/fastcgi_templ@lllmERCPVstatusx-accel-bufferingib/U"x-accel-limit-rateRYx-accel-expires/lib/$ERCPVx-accel-charsetews/lib/_9Ux-accel-redirectCmlnm,xA/usr/local/nginx/fastcgi_temp@nnno@ostatusx-accel-bufferingx-accel-limit-rate76.226if($request_uri2~x-accel-expiresnPprx-accel-charsets0s`sxsx-accel-redirect@t`tw(y({}~p/usr/local/nginx/fastcgi_temppq@qqqstatusx-accel-bufferingx-accel-limit-ratex-accel-expires0u0ux-accel-charsetx-accel-redirectr/usr/local/nginx/fastcgi_temp@ssst@tstatusx-accel-bufferingx-accel-limit-rate

漏洞证明:

.

修复方案:

.

版权声明:转载请注明来源 路人甲@乌云

漏洞回应

厂商回应:

危害等级:无影响厂商忽略

忽略时间:2015-06-03 12:30

厂商回复:

漏洞Rank:4 (WooYun评价)

最新状态:

暂无

漏洞评价:

评论