当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0123678

漏洞标题:福建网龙某处IIS短目录枚举

相关厂商:福建网龙

漏洞作者: 路人甲

提交时间:2015-06-30 14:14

修复时间:2015-08-14 17:42

公开时间:2015-08-14 17:42

漏洞类型:应用配置错误

危害等级:高

自评Rank:15

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:


漏洞详情

披露状态:

2015-06-30: 细节已通知厂商并且等待厂商处理中
2015-06-30: 厂商已经确认,细节仅向厂商公开
2015-07-10: 细节向核心白帽子及相关领域专家公开
2015-07-20: 细节向普通白帽子公开
2015-07-30: 细节向实习白帽子公开
2015-08-14: 细节向公众公开

简要描述:

RT

详细说明:

adm.g.99.com

漏洞证明:

[INFO] the server is vulerable, start scanning...
Found /a**** [scan in progress]
Found /c**** [scan in progress]
Found /g**** [scan in progress]
Found /l**** [scan in progress]
Found /s**** [scan in progress]
Found /x**** [scan in progress]
Found /w**** [scan in progress]
Found /as**** [scan in progress]
Found /u**** [scan in progress]
Found /co**** [scan in progress]
Found /gl**** [scan in progress]
Found /la**** [scan in progress]
Found /se**** [scan in progress]
Found /su**** [scan in progress]
Found /we**** [scan in progress]
Found /xm**** [scan in progress]
Found /asp**** [scan in progress]
Found /us**** [scan in progress]
Found /com**** [scan in progress]
Found /glo**** [scan in progress]
Found /lan**** [scan in progress]
Found /ser**** [scan in progress]
Found /sup**** [scan in progress]
Found /web**** [scan in progress]
Found /xml**** [scan in progress]
Found /aspn**** [scan in progress]
Found /use**** [scan in progress]
Found /comm**** [scan in progress]
Found /comp**** [scan in progress]
Found /glob**** [scan in progress]
Found /lang**** [scan in progress]
Found /serv**** [scan in progress]
Found /supp**** [scan in progress]
Found /webc**** [scan in progress]
Found /webr**** [scan in progress]
Found /xml_**** [scan in progress]
Found /aspne**** [scan in progress]
Found /user**** [scan in progress]
Found /commo**** [scan in progress]
Found /compo**** [scan in progress]
Found /globa**** [scan in progress]
Found /langc**** [scan in progress]
Found /servi**** [scan in progress]
Found /suppo**** [scan in progress]
Found /webct**** [scan in progress]
Found /webre**** [scan in progress]
Found /xml_r**** [scan in progress]
Found /aspnet**** [scan in progress]
Found /userc**** [scan in progress]
Found /common**** [scan in progress]
Found /compon**** [scan in progress]
Found /global**** [scan in progress]
Found /langco**** [scan in progress]
Found /servic**** [scan in progress]
Found /suppor**** [scan in progress]
Found /webctr**** [scan in progress]
Found /webref**** [scan in progress]
Found /xml_re**** [scan in progress]
Found /aspnet [scan in progress]
Found Dir /aspnet~1 [Done]
Found /userch**** [scan in progress]
Found /common [scan in progress]
Found Dir /common~1 [Done]
Found /compon [scan in progress]
Found Dir /compon~1 [Done]
Found /global*a** [scan in progress]
Found /langco [scan in progress]
Found Dir /langco~1 [Done]
Found /global*s** [scan in progress]
Found /servic [scan in progress]
Found Dir /servic~1 [Done]
Found /suppor [scan in progress]
Found Dir /suppor~1 [Done]
Found /webctr [scan in progress]
Found Dir /webctr~1 [Done]
Found /webref [scan in progress]
Found Dir /webref~1 [Done]
Found /xml_re [scan in progress]
Found Dir /xml_re~1 [Done]
Found /userch*l** [scan in progress]
Found /userch*m** [scan in progress]
Found /userch*x** [scan in progress]
Found /global*as* [scan in progress]
Found /global*sa* [scan in progress]
Found /userch*ml* [scan in progress]
Found /userch*xm* [scan in progress]
----------------------------------------------------------------
Dir: /aspnet~1
Dir: /common~1
Dir: /compon~1
Dir: /langco~1
Dir: /servic~1
Dir: /suppor~1
Dir: /webctr~1
Dir: /webref~1
Dir: /xml_re~1
----------------------------------------------------------------
9 Directories, 0 Files found in toal

修复方案:

修复

版权声明:转载请注明来源 路人甲@乌云


漏洞回应

厂商回应:

危害等级:低

漏洞Rank:3

确认时间:2015-06-30 17:40

厂商回复:

感谢 路人甲 提供的漏洞安排修复

最新状态:

暂无