乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2012-07-24: 积极联系厂商并且等待厂商认领中,细节不对外公开 2012-09-07: 厂商已经主动忽略漏洞,细节向公众公开
Struts2漏洞 满地都是了
Struts2漏洞http://www.t3pay.cn/gameAction!getSingleGame.action
http://www.t3pay.cn/gameAction!getSingleGame.action
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)?? 194drwxr-xr-x 2 root root 4096 2010-05-20 bindrwxr-xr-x 4 root root 1024 2010-12-14 boot-rw-r--r-- 1 503 mailuser 4819 2012-01-10 buttom18-2.pngdrwxr-xr-x 11 root root 3600 07-16 18:25 devdrwxr-xr-x 104 root root 12288 07-24 04:06 etcdrwxr-xr-x 43 root root 4096 07-19 17:30 homedrwxr-xr-x 13 root root 4096 2010-05-20 libdrwx------ 2 root root 16384 2010-05-20 lost+founddrwxr-xr-x 2 root root 4096 07-16 18:25 media-rw-r--r-- 1 root root 10240 06-21 16:59 mini.tardrwxr-xr-x 2 root root 0 07-16 18:25 miscdrwxr-xr-x 3 root root 4096 2010-05-28 mntdrwxr-xr-x 2 root root 0 07-16 18:25 netdrwxr-xr-x 3 root root 4096 2010-05-22 optdr-xr-xr-x 253 root root 0 07-16 18:24 procdrwxr-x--- 21 root root 4096 07-23 19:18 rootdrwxr-xr-x 2 root root 12288 2010-05-20 sbindrwxr-xr-x 2 root root 4096 2010-05-20 selinuxdrwxr-xr-x 2 root root 4096 2008-08-08 srvdrwxr-xr-x 11 root root 0 07-16 18:24 sysdrwxr-xr-x 3 root root 4096 2010-05-20 tftpbootdrwxrwxrwt 7 root root 12288 07-24 04:05 tmpdrwxr-xr-x 19 root root 4096 06-21 17:01 usrdrwxr-xr-x 27 root root 4096 05-21 20:42 vardrwxr-xr-x 19 root root 4096 2011-07-13 webbackupdrwxr-xr-x 3 root root 4096 07-09 15:11 WEB-INFdrwxr-xr-x 4 root root 4096 05-29 11:08 WebRoot
打补丁
未能联系到厂商或者厂商积极拒绝