漏洞概要 关注数(24) 关注此漏洞
缺陷编号:wooyun-2013-035762
漏洞标题:国家电网浙江电力公司域传送漏洞
相关厂商:国家电网公司
漏洞作者: 霍大然
提交时间:2013-08-31 14:13
修复时间:2013-10-15 14:14
公开时间:2013-10-15 14:14
漏洞类型:敏感信息泄露
危害等级:低
自评Rank:5
漏洞状态:厂商已经确认
漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]
Tags标签: 无
漏洞详情
披露状态:
2013-08-31: 细节已通知厂商并且等待厂商处理中
2013-09-03: 厂商已经确认,细节仅向厂商公开
2013-09-13: 细节向核心白帽子及相关领域专家公开
2013-09-23: 细节向普通白帽子公开
2013-10-03: 细节向实习白帽子公开
2013-10-15: 细节向公众公开
简要描述:
国家电网浙江电力公司域传送漏洞
详细说明:
dnsenum.pl VERSION:1.2.2
[1;34m
----- zj.sgcc.com.cn -----
[0m[1;31m
Host's addresses:
__________________
[0m[1;31m
Name Servers:
______________
[0mns1.zj.sgcc.com.cn 21467 IN A 202.107.201.1
[1;31m
Mail (MX) Servers:
___________________
[0mmx1.zj.sgcc.com.cn 21600 IN A 210.77.176.60
[1;31m
Trying Zone Transfers and getting Bind Versions:
_________________________________________________
[0m
Trying Zone Transfer for zj.sgcc.com.cn on ns1.zj.sgcc.com.cn ...
zj.sgcc.com.cn 86400 IN SOA
zj.sgcc.com.cn 86400 IN NS
zj.sgcc.com.cn 86400 IN MX
#zdfap.zj.sgcc.com.cn 86400 IN A 202.107.201.21
95598.zj.sgcc.com.cn 86400 IN A 202.107.201.24
95598adm.zj.sgcc.com.cn 86400 IN A 202.107.201.24
antivirus.zj.sgcc.com.cn 86400 IN A 172.19.252.100
appwuliu1.zj.sgcc.com.cn 86400 IN A 202.107.201.35
bid-ca1.zj.sgcc.com.cn 86400 IN A 202.107.201.26
bid-ca2.zj.sgcc.com.cn 86400 IN A 202.107.201.27
bid-db1.zj.sgcc.com.cn 86400 IN A 202.107.201.28
bid-db2.zj.sgcc.com.cn 86400 IN A 202.107.201.29
bidding.zj.sgcc.com.cn 86400 IN A 202.107.201.11
bidvideo1.zj.sgcc.com.cn 86400 IN A 202.107.201.12
bidvideo2.zj.sgcc.com.cn 86400 IN A 202.107.201.13
centos-repos.zj.sgcc.com.cn 86400 IN A 202.107.201.58
cwgk.zj.sgcc.com.cn 86400 IN CNAME
dzjf.zj.sgcc.com.cn 86400 IN CNAME
dzjftest0109.zj.sgcc.com.cn 86400 IN CNAME
gczj.zj.sgcc.com.cn 86400 IN CNAME
cms.hu.zj.sgcc.com.cn 86400 IN CNAME
www.info.zj.sgcc.com.cn 86400 IN A 172.19.68.12
www.info1.zj.sgcc.com.cn 86400 IN A 202.107.201.7
lpromis.zj.sgcc.com.cn 86400 IN CNAME
mail.zj.sgcc.com.cn 86400 IN A 210.77.176.58
mailadm.zj.sgcc.com.cn 86400 IN A 210.77.176.161
mx1.zj.sgcc.com.cn 86400 IN A 210.77.176.60
cms.nb.zj.sgcc.com.cn 86400 IN CNAME
www.nb.zj.sgcc.com.cn 86400 IN A 202.107.201.9
ns1.zj.sgcc.com.cn 86400 IN A 202.107.201.1
ns2.zj.sgcc.com.cn 86400 IN A 202.107.201.2
radware.zj.sgcc.com.cn 86400 IN A 202.107.201.24
radware-nat.zj.sgcc.com.cn 86400 IN A 202.107.201.25
repos.zj.sgcc.com.cn 86400 IN CNAME
sgyxapp0.zj.sgcc.com.cn 86400 IN A 202.107.201.41
sgyxapp1.zj.sgcc.com.cn 86400 IN A 202.107.201.42
shzr.zj.sgcc.com.cn 86400 IN A 202.107.201.9
solarwinds.zj.sgcc.com.cn 86400 IN A 172.19.252.98
spam.zj.sgcc.com.cn 86400 IN A 210.77.176.60
stdpm.zj.sgcc.com.cn 86400 IN CNAME
sysadm.zj.sgcc.com.cn 86400 IN A 172.19.252.97
cms.tz.zj.sgcc.com.cn 86400 IN A 202.107.201.19
www.tz.zj.sgcc.com.cn 86400 IN A 202.107.201.9
www.zj.sgcc.com.cn 86400 IN A 202.107.201.3
yxdav.zj.sgcc.com.cn 86400 IN A 202.107.201.42
www.zdfap.zj.sgcc.com.cn 86400 IN CNAME
zjdlb.zj.sgcc.com.cn 86400 IN A 202.107.201.9
zjdy.zj.sgcc.com.cn 86400 IN A 202.107.201.9
zjweb.zj.sgcc.com.cn 86400 IN A 202.107.201.21
zmgk.zj.sgcc.com.cn 86400 IN A 202.107.201.20
zpgptc.zj.sgcc.com.cn 86400 IN A 202.107.201.59
ztpc.zj.sgcc.com.cn 86400 IN A 218.75.109.180
漏洞证明:
修复方案:
访问控制
版权声明:转载请注明来源 霍大然@乌云
漏洞回应
厂商回应:
危害等级:低
漏洞Rank:4
确认时间:2013-09-03 08:36
厂商回复:
谢谢
最新状态:
暂无