漏洞概要 关注数(24) 关注此漏洞
缺陷编号:wooyun-2014-048491
漏洞标题:中国网络电视台某管理系统存在任意代码执行漏洞
相关厂商:中国网络电视台
漏洞作者: Mr.leo
提交时间:2014-01-10 17:11
修复时间:2014-02-24 17:12
公开时间:2014-02-24 17:12
漏洞类型:文件上传导致任意代码执行
危害等级:高
自评Rank:15
漏洞状态:厂商已经确认
漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]
Tags标签: 无
漏洞详情
披露状态:
2014-01-10: 细节已通知厂商并且等待厂商处理中
2014-01-10: 厂商已经确认,细节仅向厂商公开
2014-01-20: 细节向核心白帽子及相关领域专家公开
2014-01-30: 细节向普通白帽子公开
2014-02-09: 细节向实习白帽子公开
2014-02-24: 细节向公众公开
简要描述:
中国网络电视台某管理系统存在任意代码执行漏洞
详细说明:
站点:
http://202.108.9.135/index.action?request_locale=zh_CN 基因库管理系统
http://202.108.9.135/login.action 存在Sturst2漏洞
内网ip已打码
eth0 Link encap:Ethernet HWaddr 00:1e:0b:d5:b1:52
inet addr:10.*.*.228 Bcast:10.*.*.255 Mask:255.255.248.0
inet6 addr: fe80::21e:bff:fed5:b152/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1082463247 errors:0 dropped:1910928390 overruns:0 frame:0
TX packets:900262660 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:808442843 (770.9 MiB) TX bytes:3776177947 (3.5 GiB)
Interrupt:40
eth0:0 Link encap:Ethernet HWaddr 00:1e:0b:d5:b1:52
inet addr:10.*.*.Bcast:10.*.*.255 Mask:255.255.248.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:40
eth1 Link encap:Ethernet HWaddr 00:1e:0b:d5:b1:53
inet addr:10.*.*.228 Bcast:10.*.*.255 Mask:255.255.248.0
inet6 addr: fe80::21e:bff:fed5:b153/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1195643509 errors:0 dropped:85408 overruns:0 frame:0
TX packets:705919371 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1857790551 (1.7 GiB) TX bytes:2054296502 (1.9 GiB)
Interrupt:39
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:39889776 errors:0 dropped:0 overruns:0 frame:0
TX packets:39889776 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1280690189 (1.1 GiB) TX bytes:1280690189 (1.1 GiB)
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
Debian-exim:x:100:102::/var/spool/exim4:/bin/false
statd:x:101:65534::/var/lib/nfs:/bin/false
identd:x:102:65534::/var/run/identd:/bin/false
vobile:x:1000:1000:vobile,,,:/home/vobile:/bin/bash
sshd:x:103:65534::/var/run/sshd:/usr/sbin/nologin
ntp:x:104:104::/home/ntp:/bin/false
media_wise:x:1001:1001::/home/media_wise:/bin/bash
tomcat55:x:105:65534::/usr/share/tomcat5.5:/bin/false
mysql:x:106:105:MySQL Server,,,:/var/lib/mysql:/bin/false
vdna:x:1002:1002::/home/vdna:/bin/bash
admin:x:1003:1003::/home/admin:/home/admin/bin/adm
snmp:x:107:65534::/var/lib/snmp:/bin/false
hacluster:x:108:106:Heartbeat System Account,,,:/usr/lib/heartbeat:/bin/false
libuuid:x:109:107::/var/lib/libuuid:/bin/sh
over
漏洞证明:
已经证明
修复方案:
升级struts2版本
版权声明:转载请注明来源 Mr.leo@乌云
漏洞回应
厂商回应:
危害等级:高
漏洞Rank:15
确认时间:2014-01-10 18:03
厂商回复:
非常感谢,我们将尽快进行该业务的整改!~~感谢您对我们的支持和帮助!~~~
最新状态:
暂无