
Vulnerability summary

Defect ID: wooyun-2015-0120821

Title: ZTE 微品 log file leaked, containing cookies and order information

Vendor: ZTE Corporation (中兴通讯股份有限公司)

Author: 路人甲

Submitted: 2015-06-16 16:49

Fixed: 2015-08-01 11:08

Published: 2015-08-01 11:08

Vulnerability type: sensitive information disclosure

Severity: medium

Self-assessed Rank: 7

Status: confirmed by vendor

Source: http://www.wooyun.org; for questions or help contact [email protected]



Vulnerability details

Disclosure status:

2015-06-16: Details sent to the vendor, awaiting vendor handling
2015-06-17: Vendor confirmed the issue; details visible to the vendor only
2015-06-27: Details disclosed to core white hats and domain experts
2015-07-07: Details disclosed to regular white hats
2015-07-17: Details disclosed to intern white hats
2015-08-01: Details disclosed to the public

Brief description:

See title.

Detailed description:

http://www.vpclub.cn/log.txt
Exposes user order information, including cookies and order details.
http://www.vpclub.cn/info.php
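As an added example (not part of the original report and not the site's own code): a log writer that masks the fields this leak exposed before anything reaches disk, and refuses a log path that sits under the web root. It assumes Python, the key names used by Alipay notify_url records as they appear in the leaked log, and a constructed SAMPLE record with placeholder values.

```python
import os
import re

# Keys in an Alipay notify_url record that identify a person or authenticate
# the callback; out_trade_no and trade_status stay so the log remains useful.
SENSITIVE_KEYS = ("buyer_email", "seller_email", "buyer_id", "seller_id",
                  "notify_id", "bank_seq_no", "sign", "mysign")
# A value runs until the next '&', ',' or end of line, matching the log layout.
_PARAM_RE = re.compile(r"\b(%s)=[^&,\r\n]*" % "|".join(SENSITIVE_KEYS))
# Response headers copied into the log: keep the cookie name, drop its value.
_COOKIE_RE = re.compile(r"(Set-Cookie:\s*[^=\s;]+=)[^;\r\n]*", re.IGNORECASE)


def redact_record(record: str) -> str:
    """Return the record with PII, signatures and cookie values masked."""
    record = _PARAM_RE.sub(r"\1=[REDACTED]", record)
    return _COOKIE_RE.sub(r"\1[REDACTED]", record)


def is_under_webroot(log_path: str, web_root: str) -> bool:
    """True if the file would be served by the web server (the bug on this page)."""
    log_path = os.path.realpath(log_path)
    web_root = os.path.realpath(web_root)
    return os.path.commonpath([log_path, web_root]) == web_root


def write_log(record: str, log_path: str, web_root: str) -> None:
    """Append a redacted record, refusing any path the web server could expose."""
    if is_under_webroot(log_path, web_root):
        raise ValueError("refusing to write log inside web root: %s" % log_path)
    with open(log_path, "a", encoding="utf-8") as fh:
        fh.write(redact_record(record) + "\n")


# Constructed sample in the shape of the leaked records; every value is a placeholder.
SAMPLE = (
    "notify_url_log:sign=0123abcd&mysign=4567efgh,bank_seq_no=1111&"
    "buyer_email=buyer@example.com&buyer_id=2088000000000001&"
    "out_trade_no=pEXAMPLE001&total_fee=1.00&trade_status=TRADE_FINISHED\n"
    "veryfy_result=HTTP/1.1 200 OK\n"
    ",Set-Cookie: JSESSIONID=ABCDEF0123456789; Path=/\n"
    ",Set-Cookie: ctoken=tok3n; Domain=.alipay.com; Path=/\n"
)

if __name__ == "__main__":
    print(redact_record(SAMPLE))
```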

Proof of vulnerability: the exposed log.txt contained repeated Alipay notify_url records for a single order, each carrying the buyer and seller e-mail addresses and IDs, amount, trade number and trade status, together with the Set-Cookie headers (JSESSIONID, ALIPAYJSESSIONID, ctoken, spanner) of the verification response.


Fix recommendation:

Copyright notice: please credit 路人甲@乌云 when reposting


Vulnerability response

Vendor response:

Severity: low

Vulnerability Rank: 5

Confirmed: 2015-06-17 11:07

Vendor reply:

Thanks~

Latest status:

None yet