Vulnerability summary

Defect ID: wooyun-2015-0119196

Title: A Shanda server is vulnerable to Heartbleed

Vendor: Shanda Networks (盛大网络)

Author:

Submitted: 2015-06-09 15:03

Fixed: 2015-07-24 17:48

Published: 2015-07-24 17:48

Type: disclosure of important sensitive information

Severity: high

Self-assessed rank: 20

Status: confirmed by vendor

Source: http://www.wooyun.org; for questions or help, contact [email protected]

Tags:


Vulnerability details

Disclosure timeline:

2015-06-09: Details sent to the vendor, awaiting vendor action
2015-06-09: Vendor confirmed; details disclosed to the vendor only
2015-06-19: Details disclosed to core white hats and domain experts
2015-06-29: Details disclosed to regular white hats
2015-07-09: Details disclosed to intern white hats
2015-07-24: Details disclosed to the public

Brief description:

Detailed description:

Domain: ku6reg.sdo.com
122.11.32.177

[*] 122.11.32.177:443 - Printable info leaked: (raw memory dump omitted)

Proof of vulnerability:

RT (as described above)

Remediation:

Copyright notice: when republishing, please credit the source @WooYun (乌云)


Vulnerability response

Vendor response:

Severity: medium

Vulnerability rank: 10

Confirmed: 2015-06-09 17:47

Vendor reply:

Thanks for the report, but this domain obviously belongs to Ku6, not to us!!

Latest status:

None yet


Vulnerability rating:

Comments

  1. 2015-06-09 17:58 | ( regular white hat | Rank: 276 | vulnerabilities: 69 )

    @盛大网络 I submitted this to Ku6 earlier and it was not accepted; later I saw that the HOST is your domain, so I submitted it here instead~