当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2013-017919

漏洞标题:多友科技DNS域传送漏洞

相关厂商:多友科技(北京)有限公司

漏洞作者: txcbg

提交时间:2013-01-28 18:19

修复时间:2013-03-14 18:20

公开时间:2013-03-14 18:20

漏洞类型:系统/服务运维配置不当

危害等级:低

自评Rank:3

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2013-01-28: 细节已通知厂商并且等待厂商处理中
2013-01-28: 厂商已经确认,细节仅向厂商公开
2013-02-07: 细节向核心白帽子及相关领域专家公开
2013-02-17: 细节向普通白帽子公开
2013-02-27: 细节向实习白帽子公开
2013-03-14: 细节向公众公开

简要描述:

看到是新来的 厂家,欢迎之余简单看了下问斩,发现了一点小安全问题——DNS域传送漏洞。

详细说明:

多友科技的DNS服务器ns.looyu.com配置不当,存在域传送漏洞,泄露敏感信息。

漏洞证明:

C:\>nslookup
*** Can't find server name for address 222.122.139.1: Non-existent domai
Default Server:  UnKnown
Address:  222.122.139.1
> set type=n
unknown query type: n
> set type=ns
> www.looyu.com
Server:  UnKnown
Address:  222.122.139.1
DNS request timed out.
    timeout was 2 seconds.
*** Request to UnKnown timed-out
> www.looyu.com
Server:  UnKnown
Address:  222.122.139.1
looyu.com
        primary name server = ns.looyu.com
        responsible mail addr = looyu.com
        serial  = 20121211
        refresh = 28800 (8 hours)
        retry   = 7200 (2 hours)
        expire  = 2419200 (28 days)
        default TTL = 86400 (1 day)
> server ns.looyu.com
Default Server:  ns.looyu.com
Address:  60.28.217.4
> ls looyu.com
[ns.looyu.com]
 looyu.com.                     A      42.121.17.160
 looyu.com.                     NS     server = ns.looyu.com
 looyu.com.                     NS     server = ns1.looyu.com
 looyu.com.                     NS     server = ns2.looyu.com
 looyu.com.                     NS     server = ns3.looyu.com
 looyu.com.                     NS     server = ns5.looyu.com
 *                              A      50.19.17.188
 51                             A      60.28.217.86
 51daifu                        A      60.28.217.4
 51fund                         A      60.28.217.4
 51pph                          A      60.28.217.86
 5i5j                           A      60.28.217.86
 95teleweb                      A      60.28.217.86
 99jsw                          A      60.28.217.4
 9diamond                       A      60.28.217.86
 acgidd                         A      60.28.217.4
 ag14                           A      60.28.217.86
 ali063                         A      42.120.17.198
 ali064                         A      42.121.67.172
 ali065                         A      42.121.67.172
 ali14                          A      42.120.16.167
 ali142                         A      42.120.16.59
 ali167                         A      110.76.42.167
 ali76                          A      42.121.14.44
 ali761                         A      42.121.65.121
 ana                            A      60.28.209.156
 aopeng                         A      60.28.217.86
 api                            A      60.28.217.13
 bbs                            A      110.76.42.176
 bdqn                           A      60.28.217.86
 bnq                            A      60.28.217.4
 boloni                         A      60.28.217.4
 cfile                          A      60.28.217.10
 cfile1                         A      60.28.217.7
 cfile1                         A      60.28.220.186
 chat                           A      60.28.217.86
 chat10                         A      60.28.217.10
 chat11                         A      60.28.217.11
 chat156                        A      60.28.209.156
 chat27                         A      60.28.217.26
 chat7                          A      60.28.217.26
 chat70                         A      60.28.217.70
 chat71                         A      60.28.217.71
 chat72                         A      60.28.217.72
 chat76                         A      60.28.217.76
 cn                             A      60.28.217.86
 console14                      A      60.28.193.205
 console5                       A      60.28.193.205
 console6                       A      60.28.193.205
 console75                      A      60.28.193.205
 debug                          A      202.85.220.253
 download                       A      60.28.217.86
 dxt076                         A      110.76.42.176
 elong                          A      60.28.217.86
 email                          A      60.28.217.86
 encrypt                        A      60.28.217.4
 etian                          A      60.28.217.86
 farmer                         A      60.28.217.13
 file                           A      202.85.220.253
 ftp                            A      60.28.193.204
 gamfe                          A      60.28.217.86
 goodbb                         A      60.28.217.4
 hairsos                        A      60.28.217.86
 htexam                         A      60.28.217.86
 huatu                          A      60.28.217.86
 hxsd                           A      60.195.248.35
 hy020a                         A      110.76.42.167
 hy021                          A      110.76.42.167
 hy030                          A      110.76.42.17
 hy030a                         A      110.76.42.17
 ilidu                          A      60.28.217.4
 j                              A      60.28.217.4
 j1                             A      60.28.217.4
 j2                             A      60.28.217.4
 j3                             A      60.28.217.4
 j4                             A      60.28.217.4
 j5                             A      60.28.217.4
 j6                             A      60.28.217.4
 jhjy                           A      60.28.217.4
 jhly                           A      60.28.217.86
 jiachunbao                     A      60.28.217.4
 jiayi                          A      60.28.217.4
 js                             A      60.28.217.4
 juneng                         A      60.28.217.4
 juren                          A      60.28.217.86
 kj-yy                          A      60.28.217.4
 kuoda                          A      60.28.217.4
 ld                             A      60.28.217.86
 lgys                           A      60.28.217.86
 m134                           A      60.28.217.20
 m136                           A      60.28.193.136
 m137                           A      60.28.193.137
 m138                           A      60.28.193.138
 m141                           A      60.28.193.141
 m148                           A      60.28.193.148
 m149                           A      60.28.193.149
 m151                           A      60.28.193.151
 m152                           A      60.28.193.152
 m153                           A      60.28.193.153
 m154                           A      60.28.193.154
 m155                           A      60.28.193.155
 m157                           A      60.28.193.157
 m182                           A      60.28.220.182
 m183                           A      60.28.220.183
 m184                           A      60.28.220.184
 m186                           A      60.28.220.186
 m188                           A      60.28.220.188
 mail                           A      110.76.42.176
 mgr05                          A      60.28.209.156
 mgr06                          A      60.28.209.156
 mgr14                          A      60.28.209.156
 mgr76                          A      60.28.209.156
 michelin                       A      60.28.217.4
 mjbl                           A      60.28.217.86
 newpower                       A      60.28.217.4
 ns                             A      60.28.217.4
 ns1                            A      60.28.193.141
 ns2                            A      58.83.209.100
 ns3                            A      61.151.247.166
 ns5                            A      58.83.209.100
 nsfocus                        A      60.28.217.86
 olzbw                          A      60.28.217.4
 openlab                        A      60.28.217.86
 pac071                         A      222.126.246.252
 payez                          A      60.28.217.4
 postfixadmin                   A      110.76.42.176
 proxy                          A      202.85.220.253
 proxy1                         A      60.28.193.141
 proxy2                         A      60.28.209.156
 proxy3                         A      42.121.65.121
 proxy4                         A      42.121.65.121
 qide                           A      60.28.217.86
 qnlxs                          A      60.28.217.4
 secure                         A      60.28.217.4
 sjs                            A      60.28.217.86
 smpx                           A      60.28.217.86
 status                         A      60.28.217.4
 sunland                        A      60.28.217.4
 sytq120                        A      60.28.217.86
 test                           A      42.121.15.136
 update                         A      202.85.220.253
 uuvisa                         A      60.28.217.4
 wenc                           A      60.28.217.86
 wmdl                           A      60.28.217.4
 wooha                          A      60.28.217.86
 www                            A      42.121.17.160
 xagy                           A      60.28.217.86
 xalx                           A      60.28.217.86
 xdf                            A      60.28.217.86
 xhce                           A      60.28.217.86
 xrs                            A      60.28.217.86
 xsledu                         A      60.28.217.4
 yodak                          A      60.28.217.86
 z8800                          A      60.28.217.4
 zm7                            A      60.28.217.4
 zz                             A      60.28.217.86


如图1。

1.jpg

修复方案:

更改DNS服务器配置。

版权声明:转载请注明来源 txcbg@乌云

漏洞回应

厂商回应:

危害等级:中

漏洞Rank:6

确认时间:2013-01-28 20:09

厂商回复:

感谢!

最新状态:

暂无