成都理工大学DNS域传送漏洞 | wooyun-2015-0107935| WooYun.org

漏洞概要关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0107935

漏洞标题：成都理工大学DNS域传送漏洞

漏洞作者： jye33

提交时间：2015-04-16 16:59

修复时间：2015-04-21 17:00

公开时间：2015-04-21 17:00

漏洞类型：重要敏感信息泄露

危害等级：中

自评Rank：5

漏洞状态：已交由第三方合作机构(CCERT教育网应急响应组)处理

漏洞来源： http://www.wooyun.org，如有疑问或需要帮助请联系 [email protected]

Tags标签：无

4人收藏收藏
分享漏洞：

漏洞详情

披露状态：

2015-04-16：细节已通知厂商并且等待厂商处理中
2015-04-21：厂商已经主动忽略漏洞，细节向公众公开

简要描述：

dns.cnu.edu.cn DNS服务器配置不当，导致信息泄露

详细说明：

漏洞证明：

mask 区域

*****du.cn cdut*****
**********
*****;>> @secdns.cd*****
*****er fo*****
*****ptions*****
*****ot.pridns.cdut.edu.cn. 20*****
*****N	NS	secdns*****
*****N	NS	pridns*****
*****N	MX	20 mai*****
*****6400	IN	A	2*****
*****. 86400 IN SRV 0 100*****
*****6400	IN	A	2*****
*****	SRV	0 100 1688 w*****
*****400	IN	A	1*****
*****	CNAME	www.aa*****
*****400	IN	A	202*****
*****0	IN	MX	0 www*****
*****400	IN	A	202*****
*****86400	IN	A	*****
*****	86400	IN	A	*****
*****	86400	IN	A	*****
*****. 86400	IN	A*****
*****400	IN	A	2*****
*****00	IN	A	202*****
*****0	IN	A	202.*****
*****IN	CNAME	wiz*****
*****400	IN	A	2*****
*****86400	IN	A	*****
*****6400	IN	CNAME*****
*****400	IN	A	20*****
*****0	IN	A	202.*****
*****IN	CNAME	ca.*****
*****IN	CNAME	ca.*****
*****IN	CNAME	ca.*****
*****IN	CNAME	ca.*****
*****IN	CNAME	ca.*****
*****IN	CNAME	ca.*****
*****n. 86400	IN	*****
*****6400	IN	A	2*****
*****n. 86400 IN	A*****
*****400	IN	A	202*****
*****6400	IN	A	2*****
*****6400	IN	A	20*****
*****. 86400	IN	A*****
*****. 86400	IN	A*****
*****cn. 86400 IN*****
*****86400	IN	A	*****
*****400	IN	A	20*****
*****86400	IN	A	*****
*****6400	IN	A	20*****
*****400	IN	A	202*****
*****6400	IN	A	20*****
*****86400	IN	A	*****
*****n. 86400	IN	*****
*****86400	IN	A	*****
*****400	IN	A	202*****
*****86400	IN	A	*****
*****6400	IN	A	20*****
*****86400	IN	A	*****
*****6400	IN	A	20*****
*****6400	IN	A	20*****
*****0	IN	A	202.*****
*****86400	IN	A	*****
*****6400	IN	A	20*****
*****6400	IN	A	20*****
*****86400	IN	A	*****
*****6400	IN	A	20*****
*****	IN	MX	10 core*****
*****	86400	IN	A	*****
*****n. 86400	IN	*****
*****0	IN	A	202.*****
*****0	IN	A	202.*****
*****0	IN	A	202.*****
*****IN	CNAME	octop*****
*****400	IN	A	12*****
*****6400	IN	A	2*****
*****6400	IN	A	2*****
*****86400	IN	A	*****
*****N	CNAME	octop*****
*****400	IN	A	202*****
*****6400	IN	A	2*****
*****400	IN	A	2*****
*****6400	IN	A	20*****
*****n. 86400 IN	A	*****
*****6400	IN	A	20*****
*****6400	IN	A	2*****
*****6400	IN	A	20*****
*****IN	CNAME	pri*****
*****	IN	CNAME	pri*****
*****400	IN	A	17*****
*****6400	IN	A	2*****
*****	86400	IN	A	*****
*****6400	IN	A	20*****
*****86400	IN	A	2*****
*****00	IN	A	202*****
*****6400	IN	A	20*****
*****86400	IN	A	*****
*****400	IN	A	20*****
*****0	IN	MX	0 em*****
*****6400	IN	A	20*****
*****	86400	IN	A	*****
***** 86400	IN	A	2*****
*****400	IN	A	202*****
*****6400	IN	A	20*****
*****0	IN	A	202*****
*****IN	CNAME	f3*****
*****IN	CNAME	f3*****
*****IN	CNAME	f3*****
*****IN	CNAME	f3*****
*****IN	CNAME	f3*****
*****86400	IN	A	*****
*****40	IN	A	20*****
*****40	IN	A	20*****
*****40	IN	A	20*****
*****40	IN	A	20*****
*****00	IN	A	20*****
*****00	IN	A	202*****
*****	2001:250:2005:0*****
*****6400	IN	A	20*****
*****. 86400	IN	A*****
*****. 86400 IN	A	*****
*****. 86400	IN	A*****
*****6400	IN	A	2*****
*****. 86400	IN	A*****
*****00	IN	A	202*****
*****6400	IN	A	2*****
*****6400	IN	A	20*****
*****6400	IN	A	2*****
*****86400	IN	A	2*****
*****6400	IN	A	20*****
*****400	IN	A	202*****
*****6400	IN	A	20*****
*****6400	IN	A	2*****
*****0	IN	A	202.*****
*****400	IN	A	202*****
*****0	IN	A	202.*****
*****400	IN	A	20*****
*****6400	IN	A	2*****
*****400	IN	A	20*****
*****n. 86400	IN	*****
*****6400	IN	A	2*****
*****0	IN	A	202.*****
*****400	IN	A	20*****
*****400	IN	A	202*****
*****. 86400	IN	A*****
*****6400	IN	A	20*****
*****86400	IN	A	*****
*****n. 86400 IN	A*****
*****6400	IN	A	20*****
*****	86400	IN	A	*****
*****	IN	AAAA	200*****
*****	IN	CNAME	www.i*****
*****	86400	IN	A	*****
*****6400	IN	A	20*****
*****6400	IN	A	2*****
*****400	IN	A	202*****
*****6400	IN	A	20*****
*****6400	IN	A	20*****
*****6400	IN	A	20*****
*****6400	IN	A	20*****
*****86400	IN	A	*****
*****400	IN	A	202*****
*****400	IN	A	202*****
*****400	IN	A	202*****
*****400	IN	A	20*****
*****6400	IN	A	2*****
*****	86400	IN	A*****
*****400	IN	A	2*****
*****86400	IN	A	*****
*****6400	IN	A	20*****
*****00	IN	A	202*****
*****00	IN	A	202*****
*****6400	IN	A	20*****
*****6400	IN	A	20*****
*****6400	IN	A	2*****
*****86400	IN	A	*****
*****86400	IN	A	*****
*****86400	IN	A	2*****
*****6400	IN	A	2*****
*****6400	IN	A	2*****
*****86400	IN	A	*****
*****6400	IN	A	20*****
*****86400	IN	A	*****
*****86400	IN	A	2*****
*****6400	IN	A	20*****
*****6400	IN	A	20*****
*****	MX	0 mail.li*****
*****400	IN	A	202*****
*****6400	IN	A	20*****
*****400	IN	A	202*****
*****IN	CNAME	wiza*****
*****	86400	IN	A	*****
*****86400	IN	A	*****
*****00	IN	A	202*****
*****	IN	MX	0 mai*****
*****400 IN	CNAME	di*****
*****	IN	CNAME	dinos*****
*****6400	IN	A	20*****
*****. 86400	IN	A*****
*****. 86400	IN	A*****
*****400	IN	A	202*****
*****400	IN	A	202*****
*****00	IN	A	202*****
*****6400	IN	A	2*****
*****6400	IN	A	20*****
*****00	IN	A	202*****
*****6400	IN	A	2*****
*****6400	IN	A	2*****
*****	86400	IN	A	*****
*****	86400	IN	A	*****
*****400	IN	A	202*****
*****win-p7jrjtg08un*****
*****.cn.	86400 IN *****
*****00	IN	A	202*****
*****IN	NS	dns.nc*****
*****6400	IN	A	2*****
*****0	IN	A	202.*****
*****n. 86400	IN	*****
*****n. 86400	IN	*****
*****N	CNAME	octop*****
*****	IN	CNAME	octo*****
*****400	IN	A	20*****
*****6400	IN	A	20*****
*****6400	IN	A	2*****
*****	CNAME	mail.o*****
*****400	IN	A	202*****
*****400	IN	A	2*****
*****86400	IN	A	*****
*****86400	IN	A	*****
*****0	IN	MX	0 oct*****
*****6400	IN	A	2*****
*****	86400	IN	A	*****
*****6400	IN	A	20*****
*****IN	CNAME	secd*****
*****400	IN	A	20*****
*****86400	IN	A	*****
*****400	IN	A	2*****
*****00	IN	A	202*****
*****00	IN	A	202*****
*****6400	IN	A	2*****
*****400	IN	A	20*****
*****6400	IN	A	2*****
*****6400	IN	A	2*****
*****00	IN	A	202*****
*****400	IN	A	20*****
*****00	IN	A	202*****
*****0	IN	A	202.*****
*****400	IN	A	202*****
*****86400	IN	A	2*****
*****	IN	CNAME	oct*****
*****6400	IN	A	2*****
*****. 86400	IN	A*****
*****400	IN	A	20*****
*****400	IN	A	202*****
*****6400	IN	A	20*****
*****. 86400	IN	A*****
*****400	IN	A	2*****
*****00	IN	A	202*****
*****00	IN	A	202*****
*****00	IN	A	202*****
*****00	IN	A	202*****
*****00	IN	A	202*****
*****00	IN	A	202*****
*****400	IN	A	2*****
*****IN	MX	10 stu*****
*****400	IN	A	20*****
*****86400	IN	A	*****
*****0	IN	MX	0 stu*****
*****400	IN	A	2*****
*****00	IN	A	202*****
*****86400	IN	A	*****
*****400	IN	A	2*****
*****400	IN	A	2*****
*****400	IN	A	2*****
*****400	IN	A	2*****
*****400	IN	A	2*****
*****400	IN	A	2*****
*****n. 86400	IN	*****
*****400	IN	A	20*****
*****86400	IN	A	*****
*****400	IN	A	20*****
*****86400	IN	A	*****
*****400	IN	A	2*****
*****6400	IN	A	20*****
*****6400	IN	A	20*****
*****86400	IN	A	*****
*****400	IN	A	202*****
*****6400	IN	A	2*****
*****400	IN	A	2*****
*****400	IN	A	2*****
*****0	IN	A	202.*****
*****6400	IN	A	2*****
*****6400	IN	A	2*****
*****400	IN	A	20*****
*****400	IN	A	202*****
*****86400	IN	A	2*****
*****00	IN	A	202*****
*****400	IN	A	2*****
*****6400	IN	A	*****
*****00	IN	A	202*****
*****6400	IN	A	*****
*****	win-av5r04bb745.*****
*****.edu.cn. 86400 *****
*****400	IN	A	2*****
*****00	IN	A	20*****
*****86400	IN	A	2*****
*****6400	IN	A	20*****
*****400	IN	A	20*****
*****	86400	IN	A	*****
*****6400	IN	A	2*****
*****00	IN	A	202*****
*****	IN	CNAME	su*****
*****0	IN	A	202*****
*****00	IN	A	202*****
*****00	IN	A	202*****
*****	IN	AAAA	200*****
*****86400	IN	A	*****
*****6400	IN	A	2*****
*****6400	IN	A	20*****
*****6400	IN	A	20*****
*****6400	IN	A	2*****
*****6400	IN	A	20*****
*****00	IN	A	61.*****
*****6400	IN	A	61*****
*****400	IN	A	202*****
*****400	IN	A	202*****
*****6400	IN	A	20*****
*****6400	IN	A	20*****
*****400	IN	A	202*****
*****6400	IN	A	2*****
*****86400	IN	A	*****
*****400	IN	A	20*****
*****6400	IN	A	20*****
*****6400	IN	A	20*****
*****6400	IN	A	2*****
*****	86400	IN	A	*****
*****6400	IN	A	20*****
*****6400	IN	A	20*****
*****400	IN	A	202*****
*****6400	IN	A	20*****
*****400	IN	A	2*****
*****. 86400 IN	CN*****
*****6400	IN	A	2*****
*****. 86400	IN	A*****
*****6400	IN	A	2*****
*****86400	IN	A	*****
*****6400	IN	A	2*****
*****400	IN	A	2*****
*****0	IN	MX	0 z*****
*****	86400	IN	A*****
*****	86400	IN	A	*****
*****	IN	MX	0 studen*****
*****6400	IN	A	2*****
*****400	IN	A	202*****
*****6400	IN	A	20*****
*****ot.pridns.cdut.edu.cn. 20*****
*****me: 74*****
*****8.34#53(202*****
*****r 14 18:*****
*****s (messages *****

修复方案：

严格限制允许区域传送的主机；使用TSIG key来严格定义区域传送的关系

版权声明：转载请注明来源 jye33@乌云

漏洞回应

厂商回应：

危害等级：无影响厂商忽略

忽略时间：2015-04-21 17:00

厂商回复：

漏洞Rank：8 (WooYun评价)

WooYun.org

漏洞概要关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0107935

漏洞标题：成都理工大学DNS域传送漏洞

相关厂商：成都理工大学

漏洞作者： jye33

提交时间：2015-04-16 16:59

修复时间：2015-04-21 17:00

公开时间：2015-04-21 17:00

漏洞类型：重要敏感信息泄露

危害等级：中

自评Rank：5

漏洞状态：已交由第三方合作机构(CCERT教育网应急响应组)处理

漏洞来源： http://www.wooyun.org，如有疑问或需要帮助请联系 [email protected]

Tags标签：无

4人收藏收藏
分享漏洞：

漏洞详情

披露状态：

简要描述：

详细说明：

漏洞证明：

修复方案：

版权声明：转载请注明来源 jye33@乌云

漏洞回应

厂商回应：

厂商回复：

最新状态：

WooYun.org

漏洞概要 关注数(24) 关注此漏洞

缺陷编号：wooyun-2015-0107935

漏洞标题：成都理工大学DNS域传送漏洞

相关厂商：成都理工大学

漏洞作者： jye33

提交时间：2015-04-16 16:59

修复时间：2015-04-21 17:00

公开时间：2015-04-21 17:00

漏洞类型：重要敏感信息泄露

危害等级：中

自评Rank：5

漏洞状态：已交由第三方合作机构(CCERT教育网应急响应组)处理

Tags标签： 无

4人收藏 收藏 var token=""; var id="wooyun-2015-0107935"; $(".btn-fav").click(function(){ CollectBug(id,token); }); 分享漏洞：

漏洞详情

披露状态：

简要描述：

详细说明：

漏洞证明：

修复方案：

版权声明：转载请注明来源 jye33@乌云

漏洞回应

厂商回应：

厂商回复：

最新状态：

漏洞概要关注数(24) 关注此漏洞

Tags标签：无

4人收藏收藏
分享漏洞：