
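Vulnerability Summary

Bug ID: wooyun-2015-0113769

Title: Sensitive information disclosure in an SF Express (顺丰速运) system

Vendor: SF Express (顺丰速运)

Author: V煞

Submitted: 2015-05-13 09:46

Fixed: 2015-06-28 16:54

Disclosed: 2015-06-28 16:54

Vulnerability type: System/service patches not applied in time

Severity: High

Self-assessed Rank: 15

Status: Confirmed by vendor

Source: http://www.wooyun.org; for questions or help, contact [email protected]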



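Vulnerability Details

Disclosure status:

2015-05-13: Details reported to the vendor; awaiting vendor action
2015-05-14: Vendor confirmed; details disclosed to the vendor only
2015-05-24: Details disclosed to core white hats and experts in related fields
2015-06-03: Details disclosed to regular white hats
2015-06-13: Details disclosed to trainee white hats
2015-06-28: Details disclosed to the public

Brief description:

Enterprise edition system

Details:

http://sf-express.mlpplus.gikoo.cn/


The Heartbleed vulnerability is present.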
WARNING: server returned more data than it should - server is vulnerable!
C:\Windows\System32>

Proof of vulnerability:

QQ图片20150512214738.png

Remediation:

Upgrade OpenSSL

Copyright notice: when reposting, please credit the source V煞@乌云
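
As a detection-side complement to the upgrade, the sketch below (an added example, not part of the original report) applies the RFC 6520 length rule to heartbeat records in a captured cleartext TLS stream and flags any record whose claimed payload length does not fit inside the record body, which is the malformed message that Heartbleed depends on. The function names and the sample bytes are constructed for illustration.

```python
import struct

HEARTBEAT = 24      # TLS record content type for heartbeat (RFC 6520)
MIN_PADDING = 16    # RFC 6520: at least 16 bytes of padding follow the payload


def iter_records(stream):
    """Yield (content_type, body) for each complete TLS record in stream."""
    off = 0
    while off + 5 <= len(stream):
        # Record header: type (1 byte), version (2 bytes), length (2 bytes)
        ctype, _version, length = struct.unpack_from("!BHH", stream, off)
        body = stream[off + 5:off + 5 + length]
        if len(body) < length:
            break  # capture ends in the middle of a record
        yield ctype, body
        off += 5 + length


def heartbeat_violation(body):
    """Return a reason string if the heartbeat body breaks the length rule,
    or None if it is well formed. Only meaningful for cleartext records,
    i.e. those seen before the connection switches to encryption."""
    if len(body) < 3:
        return "shorter than the 3-byte heartbeat header"
    hb_type, claimed = struct.unpack_from("!BH", body)
    # type (1) + payload_length (2) + payload + padding must fit in the record;
    # a patched peer silently discards messages that fail this test.
    if 1 + 2 + claimed + MIN_PADDING > len(body):
        return (f"type {hb_type} claims {claimed} payload bytes, "
                f"record body is {len(body)}")
    return None


def scan(stream):
    """Return [(record_index, reason)] for every malformed heartbeat record."""
    findings = []
    for index, (ctype, body) in enumerate(iter_records(stream)):
        if ctype != HEARTBEAT:
            continue
        reason = heartbeat_violation(body)
        if reason is not None:
            findings.append((index, reason))
    return findings


def record(ctype, body, version=0x0302):
    """Wrap body in a TLS record header (helper for the constructed sample)."""
    return struct.pack("!BHH", ctype, version, len(body)) + body


# Constructed sample stream: one handshake record with a dummy body, one
# well-formed heartbeat, and one heartbeat that claims more than it carries.
GOOD = struct.pack("!BH", 1, 4) + b"ping" + bytes(MIN_PADDING)
BAD = struct.pack("!BH", 1, 0x4000)
SAMPLE = record(22, bytes(8)) + record(HEARTBEAT, GOOD) + record(HEARTBEAT, BAD)

if __name__ == "__main__":
    for index, reason in scan(SAMPLE):
        print(f"record {index}: {reason}")
```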


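Vulnerability Response

Vendor response:

Severity: Medium

Vulnerability Rank: 8

Confirmed: 2015-05-14 16:52

Vendor reply:

Thank you very much!
This system is a service purchased from an external provider. We have notified the supplier and the remediation has been completed. Many thanks!!

Latest status:

None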