当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2013-041406

漏洞标题:蜡笔网# 蜡笔网DNS域传送漏洞

相关厂商:gozap.com

漏洞作者: 爱上平顶山

提交时间:2013-10-30 16:49

修复时间:2013-11-04 16:50

公开时间:2013-11-04 16:50

漏洞类型:系统/服务运维配置不当

危害等级:中

自评Rank:6

漏洞状态:漏洞已经通知厂商但是厂商忽略漏洞

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:


漏洞详情

披露状态:

2013-10-30: 细节已通知厂商并且等待厂商处理中
2013-11-04: 厂商已经主动忽略漏洞,细节向公众公开

简要描述:

0.0

详细说明:

蜡笔网
网站首页地址: www.labi.com
主办单位名称:北京格致璞科技有限公司
蛮出名的手机同步 DNS域传送漏洞一枚
C:\Documents and Settings\Administrator>nslookup
Default Server: hb-cache1
Address: 61.234.145.101
> set type=ns
> labi.com
Server: hb-cache1
Address: 61.234.145.101
Non-authoritative answer:
labi.com nameserver = ns.gozap.com
labi.com nameserver = sns.gozap.com
> server sns.gozap.com
Default Server: sns.gozap.com
Address: 58.68.151.18
> ls labi.com
[sns.gozap.com]
labi.com. NS server = ns.gozap.com
labi.com. NS server = sns.gozap.com
labi.com. A 58.68.151.25
* A 58.68.151.27
api A 124.126.42.10
app A 124.126.42.10
bbs A 58.68.151.24
c2s A 124.126.42.10
c2s-1 A 124.126.42.10
c2s-10 A 124.126.42.10
c2s-2 A 124.126.42.10
c2s-3 A 124.126.42.10
c2s-4 A 124.126.42.10
c2s-5 A 124.126.42.10
c2s-6 A 124.126.42.10
c2s-7 A 124.126.42.10
c2s-8 A 124.126.42.10
c2s-9 A 124.126.42.10
dohko.cal A 124.126.42.10
mu.comet A 124.126.42.9
dohko A 124.126.42.10
download A 58.68.151.24
e A 58.68.151.27
dohko.e A 124.126.42.10
mu.e A 124.126.42.9
test.e A 58.68.151.26
elabi A 220.194.47.238
faq A 58.68.151.24
file A 58.68.151.27
dohko.file A 124.126.42.9
bosh.hime A 58.68.151.19
c2s.hime A 219.235.228.178
c2s-1.hime A 219.235.228.178
c2s-10.hime A 219.235.228.178
c2s-2.hime A 219.235.228.178
c2s-3.hime A 219.235.228.178
c2s-4.hime A 219.235.228.178
c2s-5.hime A 219.235.228.178
c2s-6.hime A 219.235.228.178
c2s-7.hime A 219.235.228.178
c2s-8.hime A 219.235.228.178
c2s-9.hime A 219.235.228.178
img.hime A 219.235.228.178
jhb.hime A 58.68.151.19
img A 58.68.151.22
dohko.img A 124.126.42.12
mu.img A 124.126.42.9
js A 220.194.47.241
js1 A 220.194.47.241
m A 58.68.151.27
dohko.m A 124.126.42.10
test.m A 219.235.228.182
mms A 58.68.151.22
mu A 124.126.42.9
dohko.passport A 124.126.42.10
surfing A 58.68.151.26
syncml A 58.68.151.27
test A 219.235.228.182
mu.test A 124.126.42.9
upload A 58.68.151.18
wap A 58.68.151.27
www A 58.68.151.25
dohko.www A 124.126.42.8
hime.www A 124.126.42.11
milo.www A 124.126.42.11
mu.www A 124.126.42.9
hime.passport.www A 124.126.42.9
shaka.www A 124.126.42.12
>
ok

漏洞证明:

如上

修复方案:

改。

版权声明:转载请注明来源 爱上平顶山@乌云


漏洞回应

厂商回应:

危害等级:无影响厂商忽略

忽略时间:2013-11-04 16:50

厂商回复:

最新状态:

暂无