当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0110777

漏洞标题:福建网龙旗下91.com/99.com网站97台服务器未授权漏洞

相关厂商:福建网龙

漏洞作者: 路人甲

提交时间:2015-04-28 08:28

修复时间:2015-06-12 09:42

公开时间:2015-06-12 09:42

漏洞类型:系统/服务运维配置不当

危害等级:高

自评Rank:20

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-04-28: 细节已通知厂商并且等待厂商处理中
2015-04-28: 厂商已经确认,细节仅向厂商公开
2015-05-08: 细节向核心白帽子及相关领域专家公开
2015-05-18: 细节向普通白帽子公开
2015-05-28: 细节向实习白帽子公开
2015-06-12: 细节向公众公开

简要描述:

RT

详细说明:

121.207.240.56            
121.207.240.57            
121.207.240.58            
121.207.240.42            
121.207.240.41            
121.207.240.86            
121.207.240.123           
121.207.240.120           
121.207.240.139           
121.207.240.157           
121.207.240.162           
121.207.240.182           
121.207.240.191           
121.207.240.231           
121.207.240.229           
121.207.242.49            
121.207.242.63            
121.207.242.133           
121.207.242.121           
121.207.242.118           
121.207.242.122           
121.207.242.123           
121.207.242.136           
121.207.242.153           
121.207.242.135           
121.207.231.222           
121.207.242.210           
121.207.242.209           
121.207.242.217           
121.207.242.192           
121.207.242.244           
121.207.243.33            
121.207.242.230
121.207.243.102           
121.207.243.101           
121.207.243.106           
121.207.243.105           
121.207.243.103           
121.207.243.104           
121.207.243.107           
121.207.247.21            
121.207.247.47            
121.207.247.73            
121.207.247.72            
121.207.247.53            
121.207.247.81            
121.207.247.49            
121.207.247.55            
121.207.247.71            
121.207.247.160           
121.207.247.171           
121.207.247.196           
121.207.247.197           
121.207.247.170           
121.207.250.10            
121.207.250.14            
121.207.250.28            
121.207.250.35            
121.207.250.46            
121.207.250.60            
121.207.250.83            
121.207.250.41            
121.207.250.62            
121.207.250.91            
121.207.250.152           
121.207.250.154           
121.207.250.170           
121.207.250.167           
121.207.250.211           
121.207.250.233           
121.207.250.209           
121.207.250.244           
121.207.250.243           
121.207.250.229           
121.207.250.241           
121.207.252.105           
121.207.254.19            
121.207.254.47            
121.207.254.76            
121.207.254.70            
121.207.254.74            
121.207.254.77            
121.207.254.60            
121.207.254.95            
121.207.254.89            
121.207.254.111           
121.207.254.170           
121.207.254.158           
121.207.254.202           
121.207.254.154           
121.207.254.224           
121.207.254.203           
121.207.254.153           
121.207.254.206           
121.207.254.172           
121.207.254.209           
121.207.254.168

漏洞证明:

随便抽一个

root@kali:~# rsync 121.207.240.56::
momo_simulate_91cloud	simulate.91cloud.momo.im
momo_v1api_cloud	v1.api.cloud.momo.im
momo_91cloud   	91cloud.momo.im
momo_scs_im    	scs.momo.im
momo_api_disk  	api.disk.91.com
momo_disk91    	disk.91.com
cloud91_i91com 	i.91.com
nd99U_jgw_gxt_monitor_99_com	monitor.sun.99.com

修复方案:

不知道

版权声明:转载请注明来源 路人甲@乌云

漏洞回应

厂商回应:

危害等级:低

漏洞Rank:1

确认时间:2015-04-28 09:40

厂商回复:

感谢路人甲,此问题公司前段时间已经开始安排修复了。

最新状态:

暂无