财富中国CDN日志未授权访问 | wooyun-2013-044718| WooYun.org

漏洞概要关注数(24) 关注此漏洞

缺陷编号：wooyun-2013-044718

漏洞标题：财富中国CDN日志未授权访问

漏洞作者：么么哒

提交时间：2013-12-02 17:59

修复时间：2014-01-16 18:00

公开时间：2014-01-16 18:00

漏洞类型：未授权访问/权限绕过

危害等级：中

自评Rank：10

漏洞状态：厂商已经确认

漏洞来源： http://www.wooyun.org，如有疑问或需要帮助请联系 [email protected]

Tags标签：无

4人收藏收藏
分享漏洞：

漏洞详情

披露状态：

2013-12-02：细节已通知厂商并且等待厂商处理中
2013-12-03：厂商已经确认，细节仅向厂商公开
2013-12-13：细节向核心白帽子及相关领域专家公开
2013-12-23：细节向普通白帽子公开
2014-01-02：细节向实习白帽子公开
2014-01-16：细节向公众公开

简要描述：

财富中国CDN日志未授权访问

详细说明：

http://dl.powercdn.com/logdown/www.3158.com/www.3158.com_2013-12-01.tar.gz
http://dl.powercdn.com/logdown/manages.3158.com/manages.3158.com_2013-12-01.tar.gz
http://dl.powercdn.com/logdown/my.3158.com/my.3158.com_2013-12-01.tar.gz
http://dl.powercdn.com/logdown/member.3158.com/member.3158.com_2013-12-01.tar.gz
.........

漏洞证明：

部分日志展示

114.249.124.151 - - 2013-11-30 09:37:01 "GET http://manages.3158.com/favicon.ico HTTP/1.1" 404 825 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; 360space)" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:13:26 "GET http://manages.3158.com/admin/?c=zixun.nr_nr&mcid=233 HTTP/1.1" 200 1796 "http://manages.3158.com/admin/?c=zixun.nr_ar_edit&mcid=233&cid=236&aid=9876&page=" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:13:27 "GET http://manages.3158.com/admin/images/style.css HTTP/1.1" 404 405 "http://manages.3158.com/admin/?c=zixun.nr_nr&mcid=233" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:13:29 "GET http://manages.3158.com/admin/?c=zixun.nr_nr HTTP/1.1" 200 2168 "http://manages.3158.com/admin/?c=zixun.nr_nr&mcid=233" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:13:30 "GET http://manages.3158.com/admin/images/style.css HTTP/1.1" 404 405 "http://manages.3158.com/admin/?c=zixun.nr_nr" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:13:32 "GET http://manages.3158.com/admin/?c=Sys.main&mod=makehtml.slist HTTP/1.1" 200 2771 "http://manages.3158.com/admin/?c=Sys.main&mod=zixun.nr_nr" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:13:32 "GET http://manages.3158.com/admin/?c=makehtml.slist HTTP/1.1" 200 6634 "http://manages.3158.com/admin/?c=Sys.main&mod=makehtml.slist" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:13:32 "GET http://manages.3158.com/admin/images/style.css HTTP/1.1" 404 405 "http://manages.3158.com/admin/?c=makehtml.slist" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:14:11 "GET http://manages.3158.com/admin/?c=Sys.main&mod=zixun.nr_nr HTTP/1.1" 200 2771 "http://manages.3158.com/admin/?c=Sys.main&mod=makehtml.slist" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:14:12 "GET http://manages.3158.com/admin/?c=zixun.nr_nr HTTP/1.1" 200 2168 "http://manages.3158.com/admin/?c=Sys.main&mod=zixun.nr_nr" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:14:12 "GET http://manages.3158.com/admin/images/style.css HTTP/1.1" 404 405 "http://manages.3158.com/admin/?c=zixun.nr_nr" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:14:15 "GET http://manages.3158.com/admin/?c=Sys.main&mod=zixun.nr_nr HTTP/1.1" 200 2771 "http://manages.3158.com/admin/?c=Sys.main&mod=zixun.nr_nr" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:14:16 "GET http://manages.3158.com/admin/?c=zixun.nr_nr HTTP/1.1" 200 2168 "http://manages.3158.com/admin/?c=Sys.main&mod=zixun.nr_nr" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:14:16 "GET http://manages.3158.com/admin/images/style.css HTTP/1.1" 404 405 "http://manages.3158.com/admin/?c=zixun.nr_nr" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:14:17 "GET http://manages.3158.com/admin/?c=zixun.nr_nr&mcid=121 HTTP/1.1" 200 1846 "http://manages.3158.com/admin/?c=zixun.nr_nr" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:14:17 "GET http://manages.3158.com/admin/images/style.css HTTP/1.1" 404 405 "http://manages.3158.com/admin/?c=zixun.nr_nr&mcid=121" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:14:18 "GET http://manages.3158.com/admin/?c=zixun.nr_list&mcid=121&cid=123 HTTP/1.1" 200 4803 "http://manages.3158.com/admin/?c=zixun.nr_nr&mcid=121" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:14:19 "GET http://manages.3158.com/admin/images/style.css HTTP/1.1" 404 405 "http://manages.3158.com/admin/?c=zixun.nr_list&mcid=121&cid=123" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:14:24 "GET http://manages.3158.com/admin/?c=zixun.nr_nr&mcid=121 HTTP/1.1" 200 1846 "http://manages.3158.com/admin/?c=zixun.nr_list&mcid=121&cid=123" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:14:24 "GET http://manages.3158.com/admin/images/style.css HTTP/1.1" 404 405 "http://manages.3158.com/admin/?c=zixun.nr_nr&mcid=121" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:14:29 "GET http://manages.3158.com/admin/?c=zixun.nr_nr HTTP/1.1" 200 2168 "http://manages.3158.com/admin/?c=zixun.nr_nr&mcid=121" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:14:29 "GET http://manages.3158.com/admin/images/style.css HTTP/1.1" 404 405 "http://manages.3158.com/admin/?c=zixun.nr_nr" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:10:19 "GET http://manages.3158.com/admin/ HTTP/1.1" 200 2769 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:10:20 "GET http://manages.3158.com/admin/?c=Sys.info HTTP/1.1" 200 1579 "http://manages.3158.com/admin/" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:10:20 "GET http://manages.3158.com/favicon.ico HTTP/1.1" 404 405 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:10:20 "GET http://manages.3158.com/favicon.ico HTTP/1.1" 404 404 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_NEGATIVE_HIT:NONE
113.204.101.198 - - 2013-11-30 10:10:20 "GET http://manages.3158.com/favicon.ico HTTP/1.1" 404 404 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_NEGATIVE_HIT:NONE
113.204.101.198 - - 2013-11-30 10:10:22 "GET http://manages.3158.com/admin/?c=Sys.main&mod=zixun.nr_nr HTTP/1.1" 200 2771 "http://manages.3158.com/admin/" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:10:22 "GET http://manages.3158.com/admin/?c=zixun.nr_nr HTTP/1.1" 200 2168 "http://manages.3158.com/admin/?c=Sys.main&mod=zixun.nr_nr" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:10:22 "GET http://manages.3158.com/admin/images/style.css HTTP/1.1" 404 405 "http://manages.3158.com/admin/?c=zixun.nr_nr" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:10:24 "GET http://manages.3158.com/admin/?c=zixun.nr_nr&mcid=183 HTTP/1.1" 200 1806 "http://manages.3158.com/admin/?c=zixun.nr_nr" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:10:24 "GET http://manages.3158.com/admin/images/style.css HTTP/1.1" 404 405 "http://manages.3158.com/admin/?c=zixun.nr_nr&mcid=183" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:10:25 "GET http://manages.3158.com/admin/?c=zixun.nr_list&mcid=183&cid=187 HTTP/1.1" 200 4761 "http://manages.3158.com/admin/?c=zixun.nr_nr&mcid=183" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:10:26 "GET http://manages.3158.com/admin/images/style.css HTTP/1.1" 404 405 "http://manages.3158.com/admin/?c=zixun.nr_list&mcid=183&cid=187" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:10:28 "GET http://manages.3158.com/admin/?c=zixun.nr_nr&mcid=183 HTTP/1.1" 200 1806 "http://manages.3158.com/admin/?c=zixun.nr_nr" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:10:34 "GET http://manages.3158.com/admin/?c=zixun.nr_addnew&mcid=183&cid=187 HTTP/1.1" 200 3014 "http://manages.3158.com/admin/?c=zixun.nr_nr&mcid=183" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:10:34 "GET http://manages.3158.com/admin/images/style.css HTTP/1.1" 404 405 "http://manages.3158.com/admin/?c=zixun.nr_addnew&mcid=183&cid=187" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:11:04 "GET http://manages.3158.com/admin/?c=Sys.main&mod=zixun.nr_nr HTTP/1.1" 200 2771 "http://manages.3158.com/admin/?c=Sys.main&mod=zixun.nr_nr" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:11:05 "GET http://manages.3158.com/admin/?c=zixun.nr_nr HTTP/1.1" 200 2168 "http://manages.3158.com/admin/?c=Sys.main&mod=zixun.nr_nr" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:11:05 "GET http://manages.3158.com/admin/images/style.css HTTP/1.1" 404 405 "http://manages.3158.com/admin/?c=zixun.nr_nr" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:11:07 "GET http://manages.3158.com/admin/?c=zixun.nr_nr&mcid=233 HTTP/1.1" 200 1796 "http://manages.3158.com/admin/?c=zixun.nr_nr" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:11:07 "GET http://manages.3158.com/admin/images/style.css HTTP/1.1" 404 405 "http://manages.3158.com/admin/?c=zixun.nr_nr&mcid=233" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:11:09 "GET http://manages.3158.com/admin/?c=zixun.nr_addnew&mcid=233&cid=237 HTTP/1.1" 200 3107 "http://manages.3158.com/admin/?c=zixun.nr_nr&mcid=233" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:11:09 "GET http://manages.3158.com/admin/images/style.css HTTP/1.1" 404 405 "http://manages.3158.com/admin/?c=zixun.nr_addnew&mcid=233&cid=237" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:11:17 "GET http://manages.3158.com/admin/?c=zixun.nr_nr&mcid=233 HTTP/1.1" 200 1796 "http://manages.3158.com/admin/?c=zixun.nr_nr" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:11:18 "GET http://manages.3158.com/admin/?c=zixun.nr_list&mcid=233&cid=236 HTTP/1.1" 200 4828 "http://manages.3158.com/admin/?c=zixun.nr_nr&mcid=233" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT
113.204.101.198 - - 2013-11-30 10:11:18 "GET http://manages.3158.com/admin/images/style.css HTTP/1.1" 404 405 "http://manages.3158.com/admin/?c=zixun.nr_list&mcid=233&cid=236" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" TCP_MISS:FIRST_UP_PARENT

修复方案：

换CDN提供商？

版权声明：转载请注明来源么么哒@乌云

漏洞回应

厂商回应：

危害等级：低

漏洞Rank：5

确认时间：2013-12-03 15:11

厂商回复：

更改CDN供应商后台的日志存储策略。

WooYun.org

漏洞概要关注数(24) 关注此漏洞

缺陷编号：wooyun-2013-044718

漏洞标题：财富中国CDN日志未授权访问

相关厂商：财富中国

漏洞作者：么么哒

提交时间：2013-12-02 17:59

修复时间：2014-01-16 18:00

公开时间：2014-01-16 18:00

漏洞类型：未授权访问/权限绕过

危害等级：中

自评Rank：10

漏洞状态：厂商已经确认

漏洞来源： http://www.wooyun.org，如有疑问或需要帮助请联系 [email protected]

Tags标签：无

4人收藏收藏
分享漏洞：

漏洞详情

披露状态：

简要描述：

详细说明：

漏洞证明：

修复方案：

版权声明：转载请注明来源么么哒@乌云

漏洞回应

厂商回应：

厂商回复：

最新状态：

WooYun.org

漏洞概要 关注数(24) 关注此漏洞

缺陷编号：wooyun-2013-044718

漏洞标题：财富中国CDN日志未授权访问

相关厂商：财富中国

漏洞作者： 么么哒

提交时间：2013-12-02 17:59

修复时间：2014-01-16 18:00

公开时间：2014-01-16 18:00

漏洞类型：未授权访问/权限绕过

危害等级：中

自评Rank：10

漏洞状态：厂商已经确认

Tags标签： 无

4人收藏 收藏 var token=""; var id="wooyun-2013-044718"; $(".btn-fav").click(function(){ CollectBug(id,token); }); 分享漏洞：

漏洞详情

披露状态：

简要描述：

详细说明：

漏洞证明：

修复方案：

版权声明：转载请注明来源 么么哒@乌云

漏洞回应

厂商回应：

厂商回复：

最新状态：

漏洞概要关注数(24) 关注此漏洞

漏洞作者：么么哒

Tags标签：无

4人收藏收藏
分享漏洞：

版权声明：转载请注明来源么么哒@乌云