乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2011-04-03: 积极联系厂商并且等待厂商认领中,细节不对外公开 2011-04-03: 厂商已经主动忽略漏洞,细节向公众公开
服务器安全设置不严格,导致敏感信息泄露。
System Linux DNS-1.localdomain 2.6.18-92.el5 #1 SMP Tue Apr 29 13:16:15 EDT 2008 x86_64 Build Date Apr 26 2010 16:55:57 Configure Command './configure' '--prefix=/usr/local/php' '--with-config-file-path=/usr/local/php/etc' '--with-mysql=/usr/local/mysql' '--with-mysqli=/usr/local/mysql/bin/mysql_config' '--with-iconv-dir=/usr/local' '--with-freetype-dir' '--with-jpeg-dir' '--with-png-dir' '--with-zlib' '--with-libxml-dir=/usr' '--enable-xml' '--disable-rpath' '--enable-discard-path' '--enable-safe-mode' '--enable-bcmath' '--enable-shmop' '--enable-sysvsem' '--enable-inline-optimization' '--with-curl' '--with-curlwrappers' '--enable-mbregex' '--enable-fastcgi' '--enable-fpm' '--enable-force-cgi-redirect' '--enable-mbstring' '--with-mcrypt' '--with-gd' '--enable-gd-native-ttf' '--with-openssl' '--with-mhash' '--enable-pcntl' '--enable-sockets' '--with-ldap' '--with-ldap-sasl' '--with-xmlrpc' '--enable-zip' '--enable-soap' Server API CGI/FastCGI Virtual Directory Support disabled Configuration File (php.ini) Path /usr/local/php/etc Loaded Configuration File /usr/local/php/etc/php.ini Scan this dir for additional .ini files (none) additional .ini files parsed (none) PHP API 20041225 PHP Extension 20060613 Zend Extension 220060519 Debug Build no Thread Safety disabled Zend Memory Manager enabled IPv6 Support enabled Registered PHP Streams compress.zlib, tftp, ftp, telnet, dict, ldap, http, https, ftps, php, file, data, zip Registered Stream Socket Transports tcp, udp, unix, udg, ssl, sslv3, sslv2, tls Registered Stream Filters zlib.*, convert.iconv.*, string.rot13, string.toupper, string.tolower, string.strip_tags, convert.*, consumed
http://search.gd118114.cn/info.php
无
未能联系到厂商或者厂商积极拒绝
漏洞Rank:2 (WooYun评价)