当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0102011

漏洞标题:首都师范大学DNS域传送漏洞

相关厂商:首都师范大学

漏洞作者: 路人甲

提交时间:2015-03-18 15:26

修复时间:2015-03-23 15:28

公开时间:2015-03-23 15:28

漏洞类型:网络敏感信息泄漏

危害等级:中

自评Rank:5

漏洞状态:已交由第三方合作机构(CCERT教育网应急响应组)处理

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-03-18: 细节已通知厂商并且等待厂商处理中
2015-03-23: 厂商已经主动忽略漏洞,细节向公众公开

简要描述:

dns.cnu.edu.cn DNS服务器配置不当,导致信息泄露

详细说明:

漏洞.jpg


漏洞证明:

> ls -d cnu.edu.cn 
[dns.cnu.edu.cn]
 cnu.edu.cn.                    SOA    dns.cnu.edu.cn root.cnu.edu.cn. (2015031701 30 30 360 3600)
 cnu.edu.cn.                    MX     5    mxbiz1.qq.com
 cnu.edu.cn.                    MX     10   mxbiz2.qq.com
 cnu.edu.cn.                    NS     dns.cnu.edu.cn                
 cnu.edu.cn.                    NS     dns2.cnu.edu.cn               
 art                            A      202.108.129.56
 art-eng                        A      202.204.217.99
 bcmiis                         A      202.108.129.81
 bet                            A      202.204.209.198
 bg                             A      202.204.208.181
 bingle                         CNAME  tw.cnu.edu.cn
 bioinfor                       A      202.108.129.107
 bjme                           A      202.108.129.81
 bjyc                           A      202.204.219.194
 bjys                           A      202.108.129.200
 bkzs                           A      202.108.129.48
 bqjszc                         A      202.204.219.46
 bqmedia                        A      202.204.219.47
 bqupdate                       A      202.204.219.48
 bwc                            A      202.108.129.56
 caai-ec                        A      202.204.220.10
 card                           A      202.204.219.11
 cetc                           A      202.204.209.219
 chinese                        A      202.204.219.100
 ci                             A      202.204.219.102
 civil                          A      202.204.214.146
 cjy                            A      202.108.129.209
 cmet                           A      202.108.129.56
 cnu-office                     A      202.204.208.72
 cnu3d                          A      202.204.208.147
 cnuoa                          A      202.204.208.143
 courseware                     A      202.204.208.81
 cret                           A      202.204.209.234
 crjy                           A      202.204.210.3
 crjyoa                         CNAME  crjy.cnu.edu.cn
 ctwhszh                        A      202.204.208.66
 cwcx                           A      202.204.209.126
 cwpt                           A      202.204.209.116
 cyjd                           A      202.108.129.81
 dc                             A      202.108.129.56
 dhcp                           A      10.3.1.249
 dns                            A      202.204.208.2
 dns2                           A      202.108.129.3
 dqjszc                         A      172.18.129.20
 dqmedia                        A      172.18.129.21
 dqupdate                       A      172.18.129.22
 dwgk                           A      202.108.129.56
 dyb                            A      202.204.212.40
 edm                            A      202.108.129.81
 eec                            A      202.204.210.200
 elearning                      A      202.204.208.87
 eng                            A      202.204.209.113
 epay                           A      202.204.219.10
 eris                           A      202.204.209.120
 etkeylab                       A      202.204.215.156
 ezone                          A      202.204.218.67
 server.fli                     A      202.204.221.11
 ftc                            A      202.108.129.56
 ns.fz                          A      202.204.218.131
 fzghbgs                        A      202.108.129.56
 gaoshi                         A      202.204.215.131
 gate                           A      202.204.208.17
 gb                             A      202.204.208.78
 gbt                            A      202.204.218.67
 gdwx                           A      202.108.129.165
 geo                            A      202.204.216.169
 ghc                            A      202.204.219.60
 grad                           A      202.108.129.56
 greatcourse                    A      202.108.129.35
 gsa                            A      202.108.129.81
 gsu                            A      202.204.218.67
 guanli                         A      202.204.208.109
 guanliftp                      A      202.108.129.208
 gw                             A      202.204.208.54
 history                        A      202.108.129.179
 hqglc                          A      202.108.129.56
 hqjt                           A      202.108.129.56
 ics                            A      202.204.208.113
 ide                            A      202.108.129.149
 ids1                           A      202.204.208.175
 ids2                           A      202.204.208.176
 ie                             NS     ns.ie.cnu.edu.cn              
 ns.ie                          A      202.204.220.11
 imis                           A      202.204.213.131
 imp                            A      202.204.208.185
 info                           A      202.108.129.56
 it                             A      202.204.208.32
 jf                             A      10.10.10.9
 jfr                            A      202.108.129.73
 jjh                            A      202.204.208.148
 jjxy                           A      202.108.129.56
 jjy                            A      202.108.129.56
 JKY                            A      202.204.210.83
 jlca                           A      202.204.209.32
 jszc                           A      202.204.208.124
 jw                             A      202.108.129.56
 jwc                            A      202.204.208.76
 jwweb                          A      202.108.129.27
 jy                             A      202.108.129.56
 jyxy                           A      202.108.129.47
 jzd                            A      202.108.129.30
 kaprial                        A      202.108.129.33
 kjy                            A      202.108.129.69
 ky                             A      202.204.208.100
 lxjszc                         A      172.17.6.102
 lxmedia                        A      172.17.6.103
 lxupdate                       A      172.17.6.101
 lxxqjcxb                       A      202.108.129.56
 mail                           MX     5    mxbiz1.qq.com
 mail                           MX     10   mxbiz2.qq.com
 mail                           A      58.250.132.30
 mail.mail                      CNAME  exmail.qq.com
 mail1                          A      202.108.129.7
 math                           A      202.108.129.132
 media                          A      202.204.208.123
 mjy                            A      202.108.129.56
 moss2014                       A      202.108.129.56
 mt                             A      202.108.129.38
 news                           A      202.204.209.121
 nic                            A      202.108.129.23
 noc                            A      202.204.208.137
 oa                             A      202.108.129.58
 old                            A      202.108.129.28
 oldinfo                        A      202.108.129.29
 phy                            A      202.204.213.10
 poetry                         A      202.204.219.101
 pop                            CNAME  pop.exmail.qq.com
 portal                         A      202.108.129.68
 psy                            A      202.108.129.211
 etfz.psy                       A      202.108.129.211
 gl.psy                         A      202.108.129.211
 lclab.psy                      A      202.108.129.211
 xn.psy                         A      202.108.129.211
 xxh.psy                        A      202.108.129.211
 qxb                            A      202.204.212.12
 qys                            A      202.204.208.109
 radio                          A      202.204.218.67
 rsc                            A      202.204.208.109
 rtx                            A      202.204.208.79
 sc                             A      202.204.212.5
 scv                            A      202.108.129.79
 shoushi                        A      202.108.129.81
 sjc                            A      202.108.129.56
 sl                             A      202.204.218.67
 smkxxy                         A      202.108.129.56
 sms                            A      202.204.208.181
 smtp                           CNAME  smtp.exmail.qq.com
 student                        A      202.204.209.233
 szjyzx                         A      202.204.209.233
 sztz                           A      202.204.218.66
 szxy                           A      202.108.129.56
 tdh                            A      202.204.218.67
 test111                        A      9.9.9.9
 tv                             A      202.204.208.173
 tw                             A      202.108.129.56
 twsms                          A      202.204.218.68
 tyjxyjb                        A      202.108.129.56
 tzb                            A      202.108.129.56
 tzc                            A      202.108.129.66
 uid                            A      202.108.129.185
 update                         A      202.204.208.125
 usco                           A      202.108.129.23
 vod                            A      202.204.208.84
 vpn                            A      202.108.129.12
 vpntest                        A      202.108.129.248
 waiyu                          A      202.204.208.66
 webmange                       A      202.204.208.74
 webschool                      A      202.108.129.37
 webschool1                     A      202.108.129.36
 webschool2                     A      202.108.129.37
 wfs                            A      202.108.129.41
 wlx                            A      202.108.129.56
 wsapp                          A      202.108.129.40
 wsg                            A      202.204.208.139
 wsim                           A      202.204.208.97
 wsms                           A      202.204.208.96
 www                            A      202.108.129.56
 wzgl                           A      202.204.208.142
 xk                             A      202.204.208.75
 xq                             A      202.204.208.139
 xqjyxy                         A      202.108.129.56
 xsg                            A      202.204.208.139
 xsy                            A      202.108.129.119
 xszz                           A      202.204.209.230
 xwgk                           A      202.108.129.56
 xxfw                           A      202.204.208.94
 xxgk                           A      202.108.129.56
 xy                             A      202.204.208.95
 xyh                            A      202.204.208.145
 xyy                            A      202.204.217.235
 xyzf                           A      202.204.209.110
 yanjing                        A      202.204.208.76
 ydxy                           A      202.108.129.56
 ygb                            A      202.108.129.81
 yjsjw                          A      202.108.129.24
 yscm                           A      202.108.129.81
 yuce                           A      202.204.208.66
 yx                             A      202.108.129.71
 yyxy                           A      202.108.129.56
 zf                             A      202.108.129.56
 zhaopin                        A      202.204.208.185
 zhcx                           A      202.204.208.185
 zhicheng                       A      202.108.129.206
 zjt                            A      202.204.218.67
 zkzs                           A      202.108.129.56
 zlgc                           A      202.204.212.4
 zp                             A      202.204.208.185
 zzb                            A      202.108.129.56
 cnu.edu.cn.                    SOA    dns.cnu.edu.cn root.cnu.edu.cn. (2015031701 30 30 360 3600)

修复方案:

严格限制允许区域传送的主机;使用TSIG key来严格定义区域传送的关系。

版权声明:转载请注明来源 路人甲@乌云

漏洞回应

厂商回应:

危害等级:无影响厂商忽略

忽略时间:2015-03-23 15:28

厂商回复:

最新状态:

暂无