当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2014-057020

漏洞标题:一些涉及安监局的系统存在命令执行漏洞(疑似通用)(转cert)

相关厂商:一些涉及安监局的系统

漏洞作者: 雅柏菲卡

提交时间:2014-04-14 13:39

修复时间:2014-07-13 13:39

公开时间:2014-07-13 13:39

漏洞类型:命令执行

危害等级:中

自评Rank:8

漏洞状态:已交由第三方合作机构(cncert国家互联网应急中心)处理

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2014-04-14: 细节已通知厂商并且等待厂商处理中
2014-04-19: 厂商已经确认,细节仅向厂商公开
2014-04-22: 细节向第三方安全合作伙伴开放
2014-06-13: 细节向核心白帽子及相关领域专家公开
2014-06-23: 细节向普通白帽子公开
2014-07-03: 细节向实习白帽子公开
2014-07-13: 细节向公众公开

简要描述:

..............

详细说明:

...........

漏洞证明:

以广东省、深圳市部分系统为例
http://61.235.114.80:8081/WebNewsShowAction_viewNews.yt?type=viewNews&entity.id=2579
广东省重大危险源监督信息系统
网站物理路径: E:\deploy\jboss_gd_8081\server\default\.\deploy\gdsafety.war
java.home: C:\Program Files (x86)\Java\jdk1.5.0_11\jre
java.version: 1.5.0_11
os.name: Windows 2003
os.arch: x86
os.version: 5.2
user.name: Administrator
user.home: C:\Documents and Settings\Administrator
user.dir: E:\deploy\jboss_gd_8081\bin
java.class.version: 49.0
java.class.path: C:\Program Files (x86)\Java\jdk1.5.0_11\lib\tools.jar;E:\deploy\jboss_gd_8081\bin\run.jar
java.library.path: C:\Program Files (x86)\Java\jdk1.5.0_11\bin;.;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;E:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;E:\Program Files\Microsoft SQL Server\100\Tools\Binn\;E:\Program Files\Microsoft SQL Server\100\DTS\Binn\;E:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;E:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;C:\WINDOWS\system32\WindowsPowerShell\v1.0;C:\Documents and Settings\Administrator\Local Settings\Application Data\Kingsoft\WPS Office\9.1.0.4047\office6
file.separator: \
path.separator: ;
java.vendor: Sun Microsystems Inc.
java.vendor.url: http://java.sun.com/
java.vm.specification.version: 1.0
java.vm.specification.vendor: Sun Microsystems Inc.
java.vm.specification.name: Java Virtual Machine Specification
java.vm.version: 1.5.0_11-b03
java.vm.vendor: Sun Microsystems Inc.
java.vm.name: Java HotSpot(TM) Server VM
java.specification.version: 1.5
java.specification.vender: 
java.specification.name: Java Platform API Specification
java.io.tmpdir: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\
hibernate信息
-- listing properties --
java.vendor=Sun Microsystems Inc.
show_sql=false
sun.java.launcher=SUN_STANDARD
catalina.base=E:\deploy\jboss_gd_8081\server\default
hibernate.connection.url=jdbc:jtds:sqlserver://127.0.0.1:1433/...
sun.management.compiler=HotSpot Server Compiler
catalina.useNaming=false
os.name=Windows 2003
sun.boot.class.path=E:\deploy\jboss_gd_8081\lib\endorsed\...
sun.desktop=windows
java.vm.specification.vendor=Sun Microsystems Inc.
java.runtime.version=1.5.0_11-b03
user.name=Administrator
shared.loader=
jboss.remoting.version=22
jboss.bind.address=127.0.0.1
tomcat.util.buf.StringCache.byte.enabled=true
connection.driver_class=net.sourceforge.jtds.jdbc.Driver
jboss.remoting.instanceid=81027e2bbd5766a1x-65da8bc0x11fb6b8495...
jboss.home.dir=E:\deploy\jboss_gd_8081
com.arjuna.common.util.logging.DebugLevel=0x00000000
user.language=zh
java.naming.factory.initial=org.jnp.interfaces.NamingContextFactory
sun.boot.library.path=C:\Program Files (x86)\Java\jdk1.5.0_...
dialect=org.hibernate.dialect.SQLServerDialect
com.arjuna.ats.jta.lastResourceOptimisationInterface=org.jboss.tm.LastResource
jboss.home.url=file:/E:/deploy/jboss_gd_8081/
java.version=1.5.0_11
user.timezone=Asia/Shanghai
jboss.server.home.dir=E:\deploy\jboss_gd_8081\server\default
hibernate.bytecode.provider=javassist
sun.arch.data.model=32
java.endorsed.dirs=E:\deploy\jboss_gd_8081\lib\endorsed
jboss.server.home.url=file:/E:/deploy/jboss_gd_8081/server/...
sun.cpu.isalist=pentium_pro+mmx pentium_pro pentium+m...
sun.jnu.encoding=GBK
file.encoding.pkg=sun.io
package.access=sun.,org.apache.catalina.,org.apache....
file.separator=\
java.specification.name=Java Platform API Specification
com.arjuna.ats.tsmx.agentimpl=com.arjuna.ats.internal.jbossatx.agen...
java.class.version=49.0
jboss.server.config.url=file:/E:/deploy/jboss_gd_8081/server/...
user.country=CN
connection.url=jdbc:jtds:sqlserver://127.0.0.1:1433/...
java.home=C:\Program Files (x86)\Java\jdk1.5.0_...
java.vm.info=mixed mode
jboss.lib.url=file:/E:/deploy/jboss_gd_8081/lib/
os.version=5.2
path.separator=;
java.vm.version=1.5.0_11-b03
hibernate.connection.password=83940201
user.variant=
java.protocol.handler.pkgs=org.jboss.net.protocol
java.awt.printerjob=sun.awt.windows.WPrinterJob
sun.io.unicode.encoding=UnicodeLittle
awt.toolkit=sun.awt.windows.WToolkit
hibernate.connection.username=sa
package.definition=sun.,java.,org.apache.catalina.,org.a...
com.arjuna.common.util.logger=log4j_releveler
jboss.server.temp.dir=E:\deploy\jboss_gd_8081\server\defaul...
java.naming.factory.url.pkgs=org.jboss.naming:org.jnp.interfaces
sun.rmi.dgc.client.gcInterval=3600000
user.home=C:\Documents and Settings\Administrator
java.rmi.server.RMIClassLoaderSpi=org.jboss.system.JBossRMIClassLoader
java.specification.vendor=Sun Microsystems Inc.
jboss.identity=81027e2bbd5766a1x-65da8bc0x11fb6b8495...
java.library.path=C:\Program Files (x86)\Java\jdk1.5.0_...
java.vendor.url=http://java.sun.com/
program.name=run.bat
hibernate.connection.driver_class=net.sourceforge.jtds.jdbc.Driver
java.vm.vendor=Sun Microsystems Inc.
sun.rmi.dgc.server.gcInterval=3600000
hibernate.dialect=org.hibernate.dialect.SQLServerDialect
common.loader=${catalina.home}/lib,${catalina.home}...
java.runtime.name=Java(TM) 2 Runtime Environment, Stand...
java.class.path=C:\Program Files (x86)\Java\jdk1.5.0_...
hibernate.bytecode.use_reflection_optimizer=false
jboss.server.log.dir=E:\deploy\jboss_gd_8081\server\defaul...
jbossmx.loader.repository.class=org.jboss.mx.loading.UnifiedLoaderRep...
java.vm.specification.name=Java Virtual Machine Specification
java.vm.specification.version=1.0
jboss.remoting.domain=JBOSS
catalina.home=E:\deploy\jboss_gd_8081\server\default
jboss.server.lib.url=file:/E:/deploy/jboss_gd_8081/server/...
sun.os.patch.level=Service Pack 2
sun.cpu.endian=little
com.arjuna.common.util.logging.VisibilityLevel=0xffffffff
com.arjuna.ats.arjuna.objectstore.objectStoreDir=E:\deploy\jboss_gd_8081\server\defaul...
java.io.tmpdir=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\
java.rmi.server.codebase=http://127.0.0.1:8283/
TSMX_VERSION=unknown
org.w3c.dom.DOMImplementationSourceList=org.apache.xerces.dom.DOMXSImplementa...
java.vendor.url.bug=http://java.sun.com/cgi-bin/bugreport...
server.loader=
jboss.server.data.dir=E:\deploy\jboss_gd_8081\server\defaul...
java.rmi.server.hostname=127.0.0.1
hibernate.query.factory_class=org.hibernate.hql.classic.ClassicQuer...
java.awt.graphicsenv=sun.awt.Win32GraphicsEnvironment
os.arch=x86
myeclipse.connection.profile=ewebsafety
jboss.remoting.jmxid=svctag-g6w9y2x_1396593354687
java.ext.dirs=C:\Program Files (x86)\Java\jdk1.5.0_...
user.dir=E:\deploy\jboss_gd_8081\bin
PROPERTIES_FILE=tsmx.properties
line.separator=
java.vm.name=Java HotSpot(TM) Server VM
jboss.server.base.dir=E:\deploy\jboss_gd_8081\server
org.apache.commons.logging.Log=org.apache.commons.logging.impl.Log4J...
com.arjuna.common.util.logging.FacilityLevel=0xffffffff
hibernate.myeclipse.connection.profile=ewebsafety
jboss.server.base.url=file:/E:/deploy/jboss_gd_8081/server/
javax.management.builder.initial=org.jboss.mx.server.MBeanServerBuilde...
file.encoding=GBK
validationQuery=select getDate()
catalina.ext.dirs=E:\deploy\jboss_gd_8081\server\defaul...
java.specification.version=1.5
jboss.server.name=default
hibernate.show_sql=false
hibernate.validationQuery=select getDate()
深圳市安全管理综合信息系统
http://183.62.232.18:8081/WebNewsShowAction_viewNews.yt?type=viewNews&entity.id=2813
网站物理路径: E:\deploy\jboss_sz_8081\server\default\.\deploy\szsafety.war
java.home: C:\Program Files\Java\jdk1.6.0_10\jre
java.version: 1.6.0_10-rc2
os.name: Windows Server 2008
os.arch: x86
os.version: 6.0
user.name: Administrator
user.home: C:\Users\Administrator
user.dir: E:\deploy\jboss_sz_8081\bin
java.class.version: 50.0
java.class.path: C:\Program Files\Java\jdk1.6.0_10\lib\tools.jar;E:\deploy\jboss_sz_8081\bin\run.jar
java.library.path: C:\Program Files\Java\jdk1.6.0_10\bin;.;C:\Windows\Sun\Java\bin;C:\Windows\system32;C:\Windows;C:\Program Files\Java\jdk1.6.0_10\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem
file.separator: \
path.separator: ;
java.vendor: Sun Microsystems Inc.
java.vendor.url: http://java.sun.com/
java.vm.specification.version: 1.0
java.vm.specification.vendor: Sun Microsystems Inc.
java.vm.specification.name: Java Virtual Machine Specification
java.vm.version: 11.0-b15
java.vm.vendor: Sun Microsystems Inc.
java.vm.name: Java HotSpot(TM) Server VM
java.specification.version: 1.6
java.specification.vender: 
java.specification.name: Java Platform API Specification
java.io.tmpdir: C:\Users\ADMINI~1\AppData\Local\Temp\1\
hibernate信息
-- listing properties --
java.vendor=Sun Microsystems Inc.
show_sql=false
sun.java.launcher=SUN_STANDARD
catalina.base=E:\deploy\jboss_sz_8081\server\default
hibernate.connection.url=jdbc:jtds:sqlserver://10.88.26.252:14...
sun.management.compiler=HotSpot Tiered Compilers
catalina.useNaming=false
os.name=Windows Server 2008
sun.boot.class.path=E:\deploy\jboss_sz_8081\lib\endorsed\...
sun.desktop=windows
java.vm.specification.vendor=Sun Microsystems Inc.
java.runtime.version=1.6.0_10-rc2-b32
user.name=Administrator
shared.loader=
jboss.remoting.version=22
jboss.bind.address=127.0.0.1
tomcat.util.buf.StringCache.byte.enabled=true
connection.driver_class=net.sourceforge.jtds.jdbc.Driver
jboss.remoting.instanceid=81027e2bbd5766a1x-65da8bc0x11fb6b8495...
jboss.home.dir=E:\deploy\jboss_sz_8081
com.arjuna.common.util.logging.DebugLevel=0x00000000
user.language=zh
java.naming.factory.initial=org.jnp.interfaces.NamingContextFactory
sun.boot.library.path=C:\Program Files\Java\jdk1.6.0_10\jre...
dialect=org.hibernate.dialect.SQLServerDialect
com.arjuna.ats.jta.lastResourceOptimisationInterface=org.jboss.tm.LastResource
jboss.home.url=file:/E:/deploy/jboss_sz_8081/
java.version=1.6.0_10-rc2
user.timezone=Asia/Shanghai
jboss.server.home.dir=E:\deploy\jboss_sz_8081\server\default
hibernate.bytecode.provider=javassist
sun.arch.data.model=32
java.endorsed.dirs=E:\deploy\jboss_sz_8081\lib\endorsed
jboss.server.home.url=file:/E:/deploy/jboss_sz_8081/server/...
sun.cpu.isalist=pentium_pro+mmx pentium_pro pentium+m...
sun.jnu.encoding=GBK
file.encoding.pkg=sun.io
package.access=sun.,org.apache.catalina.,org.apache....
file.separator=\
java.specification.name=Java Platform API Specification
com.arjuna.ats.tsmx.agentimpl=com.arjuna.ats.internal.jbossatx.agen...
java.class.version=50.0
jboss.server.config.url=file:/E:/deploy/jboss_sz_8081/server/...
user.country=CN
connection.url=jdbc:jtds:sqlserver://10.88.26.252:14...
java.home=C:\Program Files\Java\jdk1.6.0_10\jre
java.vm.info=mixed mode
jboss.lib.url=file:/E:/deploy/jboss_sz_8081/lib/
os.version=6.0
path.separator=;
java.vm.version=11.0-b15
hibernate.connection.password=AYT.COM1306
user.variant=
java.protocol.handler.pkgs=org.jboss.net.protocol
java.awt.printerjob=sun.awt.windows.WPrinterJob
sun.io.unicode.encoding=UnicodeLittle
awt.toolkit=sun.awt.windows.WToolkit
hibernate.connection.username=sa
package.definition=sun.,java.,org.apache.catalina.,org.a...
com.arjuna.common.util.logger=log4j_releveler
jboss.server.temp.dir=E:\deploy\jboss_sz_8081\server\defaul...
java.naming.factory.url.pkgs=org.jboss.naming:org.jnp.interfaces
sun.rmi.dgc.client.gcInterval=3600000
user.home=C:\Users\Administrator
java.rmi.server.RMIClassLoaderSpi=org.jboss.system.JBossRMIClassLoader
java.specification.vendor=Sun Microsystems Inc.
jboss.identity=81027e2bbd5766a1x-65da8bc0x11fb6b8495...
java.library.path=C:\Program Files\Java\jdk1.6.0_10\bin...
java.vendor.url=http://java.sun.com/
program.name=run.bat
hibernate.connection.driver_class=net.sourceforge.jtds.jdbc.Driver
java.vm.vendor=Sun Microsystems Inc.
sun.rmi.dgc.server.gcInterval=3600000
hibernate.dialect=org.hibernate.dialect.SQLServerDialect
common.loader=${catalina.home}/lib,${catalina.home}...
java.runtime.name=Java(TM) SE Runtime Environment
java.class.path=C:\Program Files\Java\jdk1.6.0_10\lib...
hibernate.bytecode.use_reflection_optimizer=false
jboss.server.log.dir=E:\deploy\jboss_sz_8081\server\defaul...
jbossmx.loader.repository.class=org.jboss.mx.loading.UnifiedLoaderRep...
java.vm.specification.name=Java Virtual Machine Specification
java.vm.specification.version=1.0
jboss.remoting.domain=JBOSS
catalina.home=E:\deploy\jboss_sz_8081\server\default
jboss.server.lib.url=file:/E:/deploy/jboss_sz_8081/server/...
sun.os.patch.level=Service Pack 1
sun.cpu.endian=little
com.arjuna.common.util.logging.VisibilityLevel=0xffffffff
com.arjuna.ats.arjuna.objectstore.objectStoreDir=E:\deploy\jboss_sz_8081\server\defaul...
java.io.tmpdir=C:\Users\ADMINI~1\AppData\Local\Temp\1\
java.rmi.server.codebase=http://127.0.0.1:8283/
TSMX_VERSION=unknown
org.w3c.dom.DOMImplementationSourceList=org.apache.xerces.dom.DOMXSImplementa...
java.vendor.url.bug=http://java.sun.com/cgi-bin/bugreport...
server.loader=
jboss.server.data.dir=E:\deploy\jboss_sz_8081\server\defaul...
java.rmi.server.hostname=127.0.0.1
hibernate.query.factory_class=org.hibernate.hql.classic.ClassicQuer...
java.awt.graphicsenv=sun.awt.Win32GraphicsEnvironment
os.arch=x86
myeclipse.connection.profile=ewebsafety
jboss.remoting.jmxid=WIN-0BTKY3F9CT1_1397440687741
java.ext.dirs=C:\Program Files\Java\jdk1.6.0_10\jre...
user.dir=E:\deploy\jboss_sz_8081\bin
PROPERTIES_FILE=tsmx.properties
line.separator=
java.vm.name=Java HotSpot(TM) Server VM
jboss.server.base.dir=E:\deploy\jboss_sz_8081\server
org.apache.commons.logging.Log=org.apache.commons.logging.impl.Log4J...
com.arjuna.common.util.logging.FacilityLevel=0xffffffff
hibernate.myeclipse.connection.profile=ewebsafety
jboss.server.base.url=file:/E:/deploy/jboss_sz_8081/server/
javax.management.builder.initial=org.jboss.mx.server.MBeanServerBuilde...
file.encoding=GBK
validationQuery=select getDate()
catalina.ext.dirs=E:\deploy\jboss_sz_8081\server\defaul...
java.specification.version=1.6
jboss.server.name=default
hibernate.show_sql=false
hibernate.validationQuery=select getDate()
深圳市龙岗区安全监督管理信息系统
http://183.62.232.229:8081/WebNewsShowAction_viewNews.yt?type=viewNews&entity.id=2588
网站物理路径: D:\deploy\jboss_szlgsafety_8081\server\default\.\deploy\szlgsafety.war
java.home: C:\Program Files (x86)\Java\jdk1.6.0\jre
java.version: 1.6.0
os.name: Windows Vista
os.arch: x86
os.version: 6.1
user.name: Administrator
user.home: C:\Users\Administrator
user.dir: D:\deploy\jboss_szlgsafety_8081\bin
java.class.version: 50.0
java.class.path: C:\Program Files (x86)\Java\jdk1.6.0\lib\tools.jar;D:\deploy\jboss_szlgsafety_8081\bin\run.jar
java.library.path: C:\Program Files (x86)\Java\jdk1.6.0\bin;.;C:\Windows\Sun\Java\bin;C:\Windows\system32;C:\Windows;.;C:\Program Files (x86)\Java\jdk1.6.0\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\
file.separator: \
path.separator: ;
java.vendor: Sun Microsystems Inc.
java.vendor.url: http://java.sun.com/
java.vm.specification.version: 1.0
java.vm.specification.vendor: Sun Microsystems Inc.
java.vm.specification.name: Java Virtual Machine Specification
java.vm.version: 1.6.0-b105
java.vm.vendor: Sun Microsystems Inc.
java.vm.name: Java HotSpot(TM) Server VM
java.specification.version: 1.6
java.specification.vender: 
java.specification.name: Java Platform API Specification
java.io.tmpdir: C:\Users\ADMINI~1\AppData\Local\Temp\2\
hibernate信息
-- listing properties --
java.vendor=Sun Microsystems Inc.
show_sql=false
sun.java.launcher=SUN_STANDARD
catalina.base=D:\deploy\jboss_szlgsafety_8081\serve...
hibernate.connection.url=jdbc:jtds:sqlserver://10.88.26.244:14...
sun.management.compiler=HotSpot Server Compiler
catalina.useNaming=false
os.name=Windows Vista
sun.boot.class.path=D:\deploy\jboss_szlgsafety_8081\lib\e...
sun.desktop=windows
java.vm.specification.vendor=Sun Microsystems Inc.
java.runtime.version=1.6.0-b105
user.name=Administrator
shared.loader=
jboss.remoting.version=22
jboss.bind.address=127.0.0.1
tomcat.util.buf.StringCache.byte.enabled=true
connection.driver_class=net.sourceforge.jtds.jdbc.Driver
jboss.remoting.instanceid=81027e2bbd5766a1x-65da8bc0x11fb6b8495...
jboss.home.dir=D:\deploy\jboss_szlgsafety_8081
com.arjuna.common.util.logging.DebugLevel=0x00000000
user.language=zh
java.naming.factory.initial=org.jnp.interfaces.NamingContextFactory
sun.boot.library.path=C:\Program Files (x86)\Java\jdk1.6.0\...
dialect=org.hibernate.dialect.SQLServerDialect
com.arjuna.ats.jta.lastResourceOptimisationInterface=org.jboss.tm.LastResource
jboss.home.url=file:/D:/deploy/jboss_szlgsafety_8081/
java.version=1.6.0
user.timezone=Asia/Shanghai
jboss.server.home.dir=D:\deploy\jboss_szlgsafety_8081\serve...
hibernate.bytecode.provider=javassist
sun.arch.data.model=32
java.endorsed.dirs=D:\deploy\jboss_szlgsafety_8081\lib\e...
jboss.server.home.url=file:/D:/deploy/jboss_szlgsafety_8081...
sun.cpu.isalist=pentium_pro+mmx pentium_pro pentium+m...
sun.jnu.encoding=GBK
file.encoding.pkg=sun.io
package.access=sun.,org.apache.catalina.,org.apache....
file.separator=\
java.specification.name=Java Platform API Specification
com.arjuna.ats.tsmx.agentimpl=com.arjuna.ats.internal.jbossatx.agen...
java.class.version=50.0
jboss.server.config.url=file:/D:/deploy/jboss_szlgsafety_8081...
user.country=CN
connection.url=jdbc:jtds:sqlserver://10.88.26.244:14...
java.home=C:\Program Files (x86)\Java\jdk1.6.0\jre
java.vm.info=mixed mode
jboss.lib.url=file:/D:/deploy/jboss_szlgsafety_8081...
os.version=6.1
path.separator=;
java.vm.version=1.6.0-b105
hibernate.connection.password=eweb
user.variant=
java.protocol.handler.pkgs=org.jboss.net.protocol
java.awt.printerjob=sun.awt.windows.WPrinterJob
sun.io.unicode.encoding=UnicodeLittle
awt.toolkit=sun.awt.windows.WToolkit
hibernate.connection.username=sa
package.definition=sun.,java.,org.apache.catalina.,org.a...
com.arjuna.common.util.logger=log4j_releveler
jboss.server.temp.dir=D:\deploy\jboss_szlgsafety_8081\serve...
java.naming.factory.url.pkgs=org.jboss.naming:org.jnp.interfaces
sun.rmi.dgc.client.gcInterval=3600000
user.home=C:\Users\Administrator
java.rmi.server.RMIClassLoaderSpi=org.jboss.system.JBossRMIClassLoader
java.specification.vendor=Sun Microsystems Inc.
jboss.identity=81027e2bbd5766a1x-65da8bc0x11fb6b8495...
java.library.path=C:\Program Files (x86)\Java\jdk1.6.0\...
java.vendor.url=http://java.sun.com/
program.name=run.bat
hibernate.connection.driver_class=net.sourceforge.jtds.jdbc.Driver
java.vm.vendor=Sun Microsystems Inc.
sun.rmi.dgc.server.gcInterval=3600000
hibernate.dialect=org.hibernate.dialect.SQLServerDialect
common.loader=${catalina.home}/lib,${catalina.home}...
java.runtime.name=Java(TM) SE Runtime Environment
java.class.path=C:\Program Files (x86)\Java\jdk1.6.0\...
hibernate.bytecode.use_reflection_optimizer=false
jboss.server.log.dir=D:\deploy\jboss_szlgsafety_8081\serve...
jbossmx.loader.repository.class=org.jboss.mx.loading.UnifiedLoaderRep...
java.vm.specification.name=Java Virtual Machine Specification
java.vm.specification.version=1.0
jboss.remoting.domain=JBOSS
catalina.home=D:\deploy\jboss_szlgsafety_8081\serve...
jboss.server.lib.url=file:/D:/deploy/jboss_szlgsafety_8081...
sun.os.patch.level=
sun.cpu.endian=little
com.arjuna.common.util.logging.VisibilityLevel=0xffffffff
com.arjuna.ats.arjuna.objectstore.objectStoreDir=D:\deploy\jboss_szlgsafety_8081\serve...
java.io.tmpdir=C:\Users\ADMINI~1\AppData\Local\Temp\2\
java.rmi.server.codebase=http://127.0.0.1:8283/
TSMX_VERSION=unknown
org.w3c.dom.DOMImplementationSourceList=org.apache.xerces.dom.DOMXSImplementa...
java.vendor.url.bug=http://java.sun.com/cgi-bin/bugreport...
server.loader=
jboss.server.data.dir=D:\deploy\jboss_szlgsafety_8081\serve...
java.rmi.server.hostname=127.0.0.1
hibernate.query.factory_class=org.hibernate.hql.classic.ClassicQuer...
java.awt.graphicsenv=sun.awt.Win32GraphicsEnvironment
os.arch=x86
myeclipse.connection.profile=ewebsafety
jboss.remoting.jmxid=WIN-NCHJDBBORVN_1397205657360
java.ext.dirs=C:\Program Files (x86)\Java\jdk1.6.0\...
user.dir=D:\deploy\jboss_szlgsafety_8081\bin
PROPERTIES_FILE=tsmx.properties
line.separator=
java.vm.name=Java HotSpot(TM) Server VM
jboss.server.base.dir=D:\deploy\jboss_szlgsafety_8081\server
org.apache.commons.logging.Log=org.apache.commons.logging.impl.Log4J...
com.arjuna.common.util.logging.FacilityLevel=0xffffffff
hibernate.myeclipse.connection.profile=ewebsafety
jboss.server.base.url=file:/D:/deploy/jboss_szlgsafety_8081...
javax.management.builder.initial=org.jboss.mx.server.MBeanServerBuilde...
file.encoding=GBK
validationQuery=select getDate()
catalina.ext.dirs=D:\deploy\jboss_szlgsafety_8081\serve...
java.specification.version=1.6
jboss.server.name=default
hibernate.show_sql=false
hibernate.validationQuery=select getDate()
盐田区/宝安区/龙岗区/  
龙华新区/坪山新区
均使用同一个系统  案例在上面

修复方案:

版权声明:转载请注明来源 雅柏菲卡@乌云

漏洞回应

厂商回应:

危害等级:高

漏洞Rank:16

确认时间:2014-04-19 12:33

厂商回复:

CNVD确认并复现所述情况,已经转由CNCERT下发给广东分中心验证和处置,根据广东分中心反馈,后续发现4个相关案例,均已通报处置。由于应用范围较少,暂不认定通用,算是定制系统吧。

最新状态:

暂无