
Vulnerability summary

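Bug ID: wooyun-2015-0115279

Title: Guangzhou University of Chinese Medicine DNS zone transfer vulnerability

Vendor: Guangzhou University of Chinese Medicine

Author: Doraemon

Submitted: 2015-05-21 15:05

Fixed: 2015-05-26 15:06

Published: 2015-05-26 15:06

Vulnerability type: Sensitive network information disclosure

Severity: Medium

Self-assessed Rank: 5

Status: Handed over to a third-party partner organization (CCERT, the education network emergency response team) for handling

Source: http://www.wooyun.org. For questions or help, contact [email protected]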



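Vulnerability details

Disclosure status:

2015-05-21: Details reported to the vendor; waiting for the vendor to handle them
2015-05-26: The vendor actively ignored the vulnerability; details disclosed to the public

Brief description:

The DNS server for gzhtcm.edu.cn is misconfigured, leading to information disclosure.

Detailed description: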

[Screenshots: gzhtcm001.jpg, gzhtcm002.jpg, gzhtcm003.jpg]

Proof of vulnerability:

> ls gzhtcm.edu.cn
[gzzy420.gzhtcm.edu.cn]
> ls -d gzhtcm.edu.cn
[gzzy420.gzhtcm.edu.cn]

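Remediation:

Strictly restrict which hosts are allowed to perform zone transfers, and use a TSIG key to strictly define the zone transfer relationship.
allow-transfer { x.x.x.x; };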
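
As an added example (not part of the original report), the following Python code audits a BIND `named.conf` for the condition this fix targets: authoritative zones whose effective `allow-transfer` is missing or set to `any`, compared with zones restricted by TSIG key or address. The zone names, key name and both sample configurations are constructed placeholders, and `audit`, `classify`, `transfer_acl` and `block_body` are hypothetical helper names.

```python
import re

# Constructed named.conf samples; zone names and the key name are placeholders.
WEAK = '''options { directory "/var/named"; };
zone "example.org" { type master; file "example.org.zone"; };
zone "lab.example.org" { type master; file "lab.zone"; allow-transfer { any; }; };'''
HARDENED = '''key "xfer-key" { algorithm hmac-sha256; secret "PLACEHOLDER//BASE64=="; };
options { allow-transfer { none; }; };  // deny by default
zone "example.org" { type master; file "a.zone"; allow-transfer { key "xfer-key"; }; };
zone "lab.example.org" { type master; file "lab.zone"; };'''
# Quoted strings, /* */ comments, and # or // comments (strings are matched so they survive).
_SKIP = re.compile(r'"[^"]*"|/\*.*?\*/|(?:#|//)[^\n]*', re.S)

def block_body(text, start):
    # Text between the '{' at index `start` and its matching '}'.
    depth = 0
    for i in range(start, len(text)):
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        if depth == 0:
            return text[start + 1:i]
    raise ValueError("unbalanced braces")

def transfer_acl(body):
    # Elements of the allow-transfer list set in this block, or None if absent.
    m = re.search(r'\ballow-transfer\b[^{;]*\{', body)
    if not m:
        return None
    return [e.strip() for e in block_body(body, m.end() - 1).split(";") if e.strip()]

def classify(acl):
    if acl is None:
        return "MISSING"  # historical BIND 9 default: any host may transfer
    if "any" in acl:
        return "ANY"
    if acl == ["none"]:
        return "DISABLED"
    return "TSIG" if any(e.startswith("key ") for e in acl) else "ADDRESS_ONLY"

def audit(conf):
    # Map each authoritative zone to its effective policy (view-level ACLs not handled).
    text = _SKIP.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else " ", conf)
    opt = re.search(r'\boptions\s*\{', text)
    default = transfer_acl(block_body(text, opt.end() - 1)) if opt else None
    result = {}
    for m in re.finditer(r'\bzone\s+"([^"]+)"[^{;]*\{', text):
        body = block_body(text, m.end() - 1)
        if re.search(r'\btype\s+(master|primary|slave|secondary)\b', body):
            acl = transfer_acl(body)
            result[m.group(1)] = classify(default if acl is None else acl)
    return result
```

Zones reported as `MISSING` or `ANY` are the ones to fix; `ADDRESS_ONLY` corresponds to the `allow-transfer { x.x.x.x; };` form above, and `TSIG` to the key-based restriction.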

Copyright notice: when reposting, please credit the source: Doraemon@WooYun


Vulnerability response

Vendor response:

Severity: No impact, ignored by vendor

Ignored at: 2015-05-26 15:06

Vendor reply:

Latest status:

None yet