当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2016-0192133

漏洞标题:易汇金某系统命令执行/涉及311个项目源码/root权限/

相关厂商:易宝支付

漏洞作者: j14n

提交时间:2016-04-03 16:44

修复时间:2016-05-07 11:40

公开时间:2016-05-07 11:40

漏洞类型:命令执行

危害等级:高

自评Rank:15

漏洞状态:厂商已经修复

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2016-04-03: 细节已通知厂商并且等待厂商处理中
2016-04-03: 厂商已经确认,细节仅向厂商公开
2016-04-13: 细节向核心白帽子及相关领域专家公开
2016-04-23: 细节向普通白帽子公开
2016-05-03: 细节向实习白帽子公开
2016-05-07: 厂商已经修复漏洞并主动公开,细节向公众公开

简要描述:

rt

详细说明:

mask 区域 
1.http://**.**.**/loginfrom=%2F_
*****^列化^*****
*****^^^*****
*****c7abda936e85d84ed9ba.png&qu*****
*****c/ho*****
*****f3270a1497c14938f982.png&qu*****
*****af64c5fe90ec8145d1f1.png&qu*****
**********
*****kins/u*****
**********
*****38828b95a860585b97e7.png&qu*****
**********
*****s//zhiqiang.*****
**********
*****6f67e9dec8a95eda9a41.png&qu*****
*****enkins*****
*****^jo*****
*****;qa_eh*****
*****-insp*****
*****-kapt*****
*****tcha-we*****
*****-keyc*****
*****ng-k*****
*****gateway-*****
*****-kpos*****
*****pos-we*****
*****-list*****
*****istpri*****
*****ng-m*****
*****all-we*****
*****ng-m*****
*****ber-cas*****
*****ber-cas*****
*****-memb*****
*****ber-web*****
*****-memb*****
*****erchan*****
*****-moni*****
*****ng-n*****
*****-noti*****
*****-octo*****
*****-open*****
*****nmall-w*****
*****perati*****
*****-pom-*****
*****ng-p*****
*****os-web*****
*****ng-p*****
*****repayc*****
*****repayg*****
*****ateway-we*****
*****-prep*****
*****pay-web*****
*****repayw*****
*****-publ*****
*****ng-q*****
*****-quar*****
*****uickre*****
*****ng-r*****
*****ng-r*****
*****ng-r*****
*****ng-r*****
*****kin*****
*****ng-s*****
*****-sett*****
*****tings-w*****
*****etting*****
*****ng-s*****
*****-sett*****
*****-spli*****
*****-stat*****
*****-tran*****
*****ng-w*****
*****let-web*****
*****-wech*****
*****-wech*****
*****ithhol*****
*****pl*****
*****-bankch*****
*****-bankch*****
*****ng-bil*****
*****ng-bil*****
*****ng-bos*****
*****ng-bos*****
*****ng-cas*****
*****ng-cas*****
*****king-*****
*****hangesett*****
*****oreignex*****
*****-fundac*****
*****ng-gat*****
*****ng-gat*****
*****ng-kpo*****
*****-listpr*****
*****ember-ca*****
*****ng-mem*****
*****ng-mem*****
*****ng-mon*****
*****ng-not*****
*****ng-pre*****
*****-prepay*****
*****ng-qua*****
*****king-*****
*****king-*****
*****king-*****
*****ng-set*****
*****ng-set*****
*****ng-wec*****
*****ng-wec*****
*****</co*****
**********
*****ecae16ef8a5b0aa2c78c.png&qu*****
**********
*****Ethernet  HWaddr *****
*****.1  Bcast:0.0.0*****
*****484:7aff:fefe:9*****
*****G MULTICAST  MT*****
*****rrors:0 dropped:*****
*****ors:0 dropped:0 o*****
*****ons:0 txq*****
*****6 GiB)  TX bytes:*****
**********
*****et  HWaddr 00:*****
*****cast:124.193.180.71*****
*****26:b9ff:fe62:11*****
*****G MULTICAST  MT*****
*****rors:0 dropped:0*****
*****rors:0 dropped:0*****
*****s:0 txqueu*****
*****.9 MiB)  TX bytes*****
**********
*****et  HWaddr 00:*****
*****Bcast:172.19.27.25*****
*****26:b9ff:fe62:11*****
*****G MULTICAST  MT*****
*****rors:0 dropped:19*****
*****rors:0 dropped:0 *****
*****s:0 txqueu*****
***** GiB)  TX bytes:100*****
**********
*****et  HWaddr 00:*****
*****TICAST  MTU:*****
*****:0 dropped:0 ov*****
*****:0 dropped:0 ov*****
*****s:0 txqueu*****
*****.0 b)  TX by*****
**********
*****et  HWaddr 00:*****
*****TICAST  MTU:*****
*****:0 dropped:0 ov*****
*****:0 dropped:0 ov*****
*****s:0 txqueu*****
*****.0 b)  TX by*****
**********
*****cap:Local*****
*****27.0.0.1  M*****
*****r: ::1/128*****
*****UNNING  MTU:*****
*****errors:0 dropped*****
*****rors:0 dropped:0 *****
*****ons:0 txq*****
*****4 GiB)  TX bytes:46*****
**********
*****rnet  HWaddr 1*****
*****8db:61ff:feb3:b*****
*****G MULTICAST  MT*****
*****:0 dropped:0 ov*****
*****rs:0 dropped:0 o*****
*****ons:0 txq*****
***** b)  TX bytes:2*****
**********
*****rnet  HWaddr 4*****
*****02d:f3ff:feaa:b*****
*****G MULTICAST  MT*****
*****ors:0 dropped:0 *****
*****ors:0 dropped:0 *****
*****ons:0 txq*****
*****.3 MiB)  TX byte*****
**********
*****rnet  HWaddr 8*****
*****0cb:60ff:fe15:6*****
*****G MULTICAST  MT*****
*****rors:0 dropped:0*****
*****rors:0 dropped:0*****
*****ons:0 txq*****
*****.7 MiB)  TX bytes*****
**********
*****rnet  HWaddr C*****
*****cc5:a8ff:feee:8*****
*****G MULTICAST  MT*****
*****rors:0 dropped:0*****
*****rors:0 dropped:0*****
*****ons:0 txq*****
*****.2 MiB)  TX bytes*****
**********
*****rnet  HWaddr D*****
*****86c:f2ff:fed3:9*****
*****G MULTICAST  MT*****
*****ors:0 dropped:0 *****
*****ors:0 dropped:0 *****
*****ons:0 txq*****
*****.7 MiB)  TX byte*****
**********
*****rnet  HWaddr C*****
*****42f:27ff:feb0:9*****
*****G MULTICAST  MT*****
*****rors:0 dropped:0*****
*****rors:0 dropped:0*****
*****ons:0 txq*****
*****0 GiB)  TX bytes:*****
**********
*****rnet  HWaddr 3*****
*****c5b:e1ff:fe40:e*****
*****G MULTICAST  MT*****
*****rrors:0 dropped:*****
*****ors:0 dropped:0 o*****
*****ons:0 txq*****
*****0 GiB)  TX bytes:*****
**********
*****de&g*****
*****c/pa*****
*****0:root:/roo*****
*****bin:/sbi*****
*****:/sbin:/sb*****
*****r/adm:/sb*****
*****ool/lpd:/s*****
*****:/sbin:/*****
*****wn:/sbin:/s*****
*****:/sbin:/*****
*****/spool/mail*****
*****spool/uucp:/*****
*****tor:/root:/*****
*****/usr/games:*****
*****var/gopher:/*****
*****/var/ftp:/s*****
*****body:/:/s*****
*****sage bus:/:/*****
*****memory owner:/d*****
*****/var/cache/rpc*****
*****c/abrt:/sb*****
***** User:/var/lib*****
***** NFS User:/var/li*****
***** daemon:/:/*****
*****/ntp:/sbi*****
*****r":/var/empty/*****
*****pool/postfix*****
*****d SSH:/var/empty*****
*****::/:/sbi*****
*****be used by OProfile:/*****
*****:/var/www:/*****
*****/var/cache/ngi*****
*****/home/guomin*****
*****home/wen.x*****
*****home/luwei.p*****
*****ver:/var/lib*****
*****home/jingcha*****
*****/home/junjun*****
*****/store-home/qa*****
*****/home/yanwu*****
*****r:/var/lib/red*****
*****b:/home/gi*****
*****home/liang.z*****
*****data/store-hom*****
*****/var/lib/lda*****
*****rt/dist/uplo*****
*****port/YBZF:*****
*****/merchant-sftp/q*****
*****erchant-sftp/dev/*****
*****erchant-sftp/dev/*****
*****/merchant-sftp/q*****
*****/merchant-sftp/q*****
*****/merchant-sftp/q*****
*****ser:/var/lib/bean*****
*****/merchant-sftp/q*****
*****/home/db2in*****
*****home/cbp:*****
*****/home/ftpsite*****
*****:/home/ftpsi*****
*****home/ftpsite*****
*****ome/ftpsite*****
*****/www/doc/yan.ga*****
*****/ftpsite:/*****
*****ser:/var/lib/do*****
*****e/data/merchantrep*****
*****/data/merchantrepo*****
*****merchant-sftp/dev*****
*****merchant-sftp/qa/*****
*****cod*****

漏洞证明:

http://124.193.180.70/login?from=%2F
jenkins java反序列化命令执行
root权限

111.png


cat /etc/hosts

111.png


111.png


/root//.jenkins/users/

111.png


cat /root/.jenkins/users//zhiqiang.gao/config.xml

111.png


ls /root/.jenkins/jobs
311个job

qa_ehking-hg
qa_ehking-inspect
qa_ehking-kaptcha
qa_ehking-kaptcha-web-deploy
qa_ehking-keycenter
qa_ehking-kpos
qa_ehking-kpos-gateway-web-deploy
qa-ehking-kpossdk
qa_ehking-kpos-web-deploy
qa_ehking-listprice
qa-ehking-listprice-ws
qa_ehking-mall
qa_ehking-mall-web-deploy
qa_ehking-member
qa_ehking-member-cas-server
qa-ehking-member-cas-server
qa-ehking-member-web
qa_ehking-member-web-deploy
qa-ehking-member-ws
qa_ehking-merchantreport
qa-ehking-monitor
qa_ehking-notice
qa-ehking-notice-ws
qa_ehking-octopus
qa_ehking-openmall
qa_ehking-openmall-web-deploy
qa_ehking-operationlog
qa_ehking-pom-parent
qa_ehking-pos
qa_ehking-pos-web-deploy
qa_ehking-prepay
qa_ehking-prepaycashier
qa_ehking-prepaygateway
qa_ehking-prepaygateway-web-deploy
qa-ehking-prepaysdk
qa_ehking-prepay-web-deploy
qa-ehking-prepaywebsite
qa_ehking-publish
qa_ehking-quartz
qa-ehking-quartz-ws
qa_ehking-quickrecharge
qa_ehking-remit
qa-ehking-res
qa-ehking-rmb
qa_ehking-route
qa_ehking-rz
qa-ehking-sdk
qa_ehking-settings
qa_ehking-settings-web-deploy
qa-ehking-settings-ws
qa_ehking-settle
qa-ehking-settle-ws
qa_ehking-splitbill
qa_ehking-statistics
qa_ehking-transfer
qa_ehking-wallet
qa_ehking-wallet-web-deploy
qa-ehking-wechat-web
qa-ehking-wechat-ws
qa_ehking-withholding
sample
upload-ehking-bankchannel-web
upload-ehking-bankchannel-ws
upload-ehking-billing-ws
upload-ehking-bill-ws
upload-ehking-boss-web
upload-ehking-boss-ws
upload-ehking-cashier-web
upload-ehking-cashier-ws
upload-ehking-ehkpay
upload-ehking-exchangesettlement-ws
upload-ehking-foreignexchange-ws
upload-ehking-fundaccount-ws
upload-ehking-gateway-web
upload-ehking-gateway-ws
upload-ehking-kpossdk
upload-ehking-listprice-ws
upload-ehking-member-cas-server
upload-ehking-member-web
upload-ehking-member-ws
upload-ehking-monitor
upload-ehking-notice-ws
upload-ehking-prepaysdk
upload-ehking-prepaywebsite
upload-ehking-quartz-ws
upload-ehking-res
upload-ehking-rmb
upload-ehking-sdk
upload-ehking-settings-ws
upload-ehking-settle-ws
upload-ehking-wechat-web
upload-ehking-wechat-ws
upload-zl-p2p


111.png


docker0   Link encap:Ethernet  HWaddr 56:84:7A:FE:97:99  
          inet addr:172.17.42.1  Bcast:0.0.0.0  Mask:255.255.0.0
          inet6 addr: fe80::5484:7aff:fefe:9799/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:13110170 errors:0 dropped:0 overruns:0 frame:0
          TX packets:14830097 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:6056157394 (5.6 GiB)  TX bytes:5294182536 (4.9 GiB)
em1       Link encap:Ethernet  HWaddr 00:26:B9:62:11:0D  
          inet addr:124.193.180.70  Bcast:124.193.180.71  Mask:255.255.255.248
          inet6 addr: fe80::226:b9ff:fe62:110d/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:3300757 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4012131 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:984519475 (938.9 MiB)  TX bytes:3340009506 (3.1 GiB)
em2       Link encap:Ethernet  HWaddr 00:26:B9:62:11:0F  
          inet addr:172.19.27.252  Bcast:172.19.27.255  Mask:255.255.255.0
          inet6 addr: fe80::226:b9ff:fe62:110f/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:535974142 errors:0 dropped:193 overruns:0 frame:0
          TX packets:965799870 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:105685119466 (98.4 GiB)  TX bytes:1007707021894 (938.5 GiB)
em3       Link encap:Ethernet  HWaddr 00:26:B9:62:11:11  
          BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
em4       Link encap:Ethernet  HWaddr 00:26:B9:62:11:13  
          BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:185128254 errors:0 dropped:0 overruns:0 frame:0
          TX packets:185128254 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:462172414582 (430.4 GiB)  TX bytes:462172414582 (430.4 GiB)
veth4f2a1d0 Link encap:Ethernet  HWaddr 1A:DB:61:B3:B6:EA  
          inet6 addr: fe80::18db:61ff:feb3:b6ea/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:7 errors:0 dropped:0 overruns:0 frame:0
          TX packets:48231 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:558 (558.0 b)  TX bytes:2025950 (1.9 MiB)
veth5c6ef6c Link encap:Ethernet  HWaddr 42:2D:F3:AA:B8:D1  
          inet6 addr: fe80::402d:f3ff:feaa:b8d1/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:205756 errors:0 dropped:0 overruns:0 frame:0
          TX packets:219737 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:20256215 (19.3 MiB)  TX bytes:31567155 (30.1 MiB)
veth60c6078 Link encap:Ethernet  HWaddr 82:CB:60:15:6E:3B  
          inet6 addr: fe80::80cb:60ff:fe15:6e3b/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1107124 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1095082 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:279743582 (266.7 MiB)  TX bytes:271955164 (259.3 MiB)
veth6c7d6ee Link encap:Ethernet  HWaddr CE:C5:A8:EE:87:13  
          inet6 addr: fe80::ccc5:a8ff:feee:8713/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:5363824 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4874106 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:806656141 (769.2 MiB)  TX bytes:4574274512 (4.2 GiB)
veth6e3d32d Link encap:Ethernet  HWaddr DA:6C:F2:D3:9E:39  
          inet6 addr: fe80::d86c:f2ff:fed3:9e39/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:199417 errors:0 dropped:0 overruns:0 frame:0
          TX packets:323838 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:31147342 (29.7 MiB)  TX bytes:24046322 (22.9 MiB)
veth960aa8f Link encap:Ethernet  HWaddr C6:2F:27:B0:9E:FC  
          inet6 addr: fe80::c42f:27ff:feb0:9efc/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2396618 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1465283 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:3278821675 (3.0 GiB)  TX bytes:209524682 (199.8 MiB)
veth9708318 Link encap:Ethernet  HWaddr 3E:5B:E1:40:E4:01  
          inet6 addr: fe80::3c5b:e1ff:fe40:e401/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:11137379 errors:0 dropped:0 overruns:0 frame:0
          TX packets:14392649 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:3264771643 (3.0 GiB)  TX bytes:1634578699 (1.5 GiB)


cat /etc/passwd 

root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
abrt:x:173:173::/etc/abrt:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
saslauth:x:499:76:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
oprofile:x:16:16:Special user account to be used by OProfile:/home/oprofile:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
nginx:x:498:498:nginx user:/var/cache/nginx:/sbin/nologin
guoming.qin:x:500:500::/home/guoming.qin:/bin/bash
wen.xu:x:501:500::/home/wen.xu:/bin/bash
luwei.peng:x:503:500::/home/luwei.peng:/bin/bash
mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
jinchao.ma:x:502:500::/home/jingchao.ma:/bin/bash
junjun.xia:x:1002:500::/home/junjun.xia:/bin/bash
store:x:505:501::/home/data/store-home/qa/:/sbin/nologin
yanwu.shi:x:506:500::/home/yanwu.shi:/bin/bash
redis:x:497:497:Redis Server:/var/lib/redis:/sbin/nologin
git:x:496:496:GitLab:/home/git/:/bin/bash
liang.zhou:x:507:507::/home/liang.zhou:/bin/bash
dev-store:x:508:501::/home/data/store-home/dev/:/bin/bash
ldap:x:55:55:LDAP User:/var/lib/ldap:/sbin/nologin
upload:x:509:501::/export/dist/upload:/bin/bash
YBZF:x:510:510::/export/YBZF:/sbin/nologin
120140188:x:511:501::/home/data/merchant-sftp/qa/120140188:/bin/bash
120140141:x:512:501::/home/data/merchant-sftp/dev/120140141:/bin/bash
120140158:x:513:501::/home/data/merchant-sftp/dev/120140158:/bin/bash
120140175:x:514:501::/home/data/merchant-sftp/qa/120140175:/bin/bash
120140176:x:515:501::/home/data/merchant-sftp/qa/120140176:/bin/bash
120140177:x:516:501::/home/data/merchant-sftp/qa/120140177:/bin/bash
beanstalkd:x:495:495:beanstalkd user:/var/lib/beanstalkd:/sbin/nologin
120140234:x:517:501::/home/data/merchant-sftp/qa/120140234:/bin/bash
db2inst1:x:518:2000::/home/db2inst1:/bin/bash
cbp:x:519:2000::/home/cbp:/bin/bash
dongdong.wang:x:520:520::/home/ftpsite:/sbin/nologin
haoran.jiang:x:521:521::/home/ftpsite:/sbin/nologin
yuan.zhang:x:522:522::/home/ftpsite:/sbin/nologin
lin.cai:x:523:523::/home/ftpsite:/sbin/nologin
yan.gao:x:524:524::/home/data/www/doc/yan.gao/:/sbin/nologin
op:x:525:525::/home/ftpsite:/sbin/nologin
dockerroot:x:494:494:Docker User:/var/lib/docker:/sbin/nologin
dev-merchantreport:x:1004:501::/home/data/merchantreport/dev:/sbin/nologin
qa-merchantreport:x:1005:501::/home/data/merchantreport/qa/:/sbin/nologin
120140343:x:1006:501::/home/data/merchant-sftp/dev/120140343:/bin/bash
120140447:x:1007:501::/home/data/merchant-sftp/qa/120140447:/bin/bash


修复方案:

jenkins java反序列化命令执行

版权声明:转载请注明来源 j14n@乌云

漏洞回应

厂商回应:

危害等级:中

漏洞Rank:5

确认时间:2016-04-03 22:45

厂商回复:

感谢您的提交,该系统非易宝系统,亦不在服务区内,已转交相关公司负责人,由于信息敏感,在此先确认,避免公开泄漏,鹏博士宽带也可以这样玩

最新状态:

2016-04-03:欢迎提交易宝系统漏洞,届时将会有豪华大宝剑等着您。

2016-05-07:该系统为易汇金办公网系统,非易宝系统,可以直接在wooyun上提交给易汇金。漏洞上报当天(04-03)已经修复。感谢白帽子的提交。