乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2014-06-23: 细节已通知厂商并且等待厂商处理中 2014-06-27: 厂商已经确认,细节仅向厂商公开 2014-07-07: 细节向核心白帽子及相关领域专家公开 2014-07-17: 细节向普通白帽子公开 2014-07-27: 细节向实习白帽子公开 2014-08-07: 细节向公众公开
每周一都是一个让人想死的日子
http://grid.cma.gov.cn
//这个站存在的问题多了去了 我能力有限也就那样了NEW FILE //服务器上的信息泄露 总感觉这里能有个什么突破
http://grid.cma.gov.cn/cmag/trac/newticket?reporter=anonymous&summary=AssertionError%3A+Session+ID+not+set&description=%3D%3D%3D%3D+How+to+Reproduce+%3D%3D%3D%3D%0D%0A%0D%0AWhile+doing+a+POST+operation+on+%60%2Fprefs%2Fadvanced%60%2C+Trac+issued+an+internal+error.%0D%0A%0D%0A%27%27%28please+provide+additional+details+here%29%27%27%0D%0A%0D%0ARequest+parameters%3A%0D%0A{{{%0D%0A{%27__FORM_TOKEN%27%3A+u%27519a024571067c73f538aa5f%27%2C%0D%0A+%27action%27%3A+u%27save%27%2C%0D%0A+%27loadsid%27%3A+u%27%27%2C%0D%0A+%27newsid%27%3A+u%27fbcdb1e8daf790312eaf0c26%27%2C%0D%0A+%27panel_id%27%3A+u%27advanced%27%2C%0D%0A+%27restore%27%3A+u%27\u8f7d\u5165%27}%0D%0A}}}%0D%0A%0D%0AUser+agent%3A+%60Mozilla%2F5.0+%28Windows+NT+6.1%3B+rv%3A30.0%29+Gecko%2F20100101+Firefox%2F30.0%60%0D%0A%0D%0A%3D%3D%3D%3D+System+Information+%3D%3D%3D%3D%0D%0A%E7%B3%BB%E7%BB%9F%E4%BF%A1%E6%81%AF%E4%B8%8D%E5%8F%AF%E7%94%A8%0D%0A%0D%0A%3D%3D%3D%3D+Enabled+Plugins+%3D%3D%3D%3D%0D%0A%E6%8F%92%E4%BB%B6%E4%BF%A1%E6%81%AF%E4%B8%8D%E5%8F%AF%E7%94%A8%0D%0A%0D%0A%3D%3D%3D%3D+Python+Traceback+%3D%3D%3D%3D%0D%0A{{{%0D%0ATraceback+%28most+recent+call+last%29%3A%0D%0A++File+%22%2Fusr%2Flib%2Fpython2.6%2Fsite-packages%2FTrac-0.12.1-py2.6.egg%2Ftrac%2Fweb%2Fmain.py%22%2C+line+511%2C+in+_dispatch_request%0D%0A++++dispatcher.dispatch%28req%29%0D%0A++File+%22%2Fusr%2Flib%2Fpython2.6%2Fsite-packages%2FTrac-0.12.1-py2.6.egg%2Ftrac%2Fweb%2Fmain.py%22%2C+line+237%2C+in+dispatch%0D%0A++++resp+%3D+chosen_handler.process_request%28req%29%0D%0A++File+%22%2Fusr%2Flib%2Fpython2.6%2Fsite-packages%2FTrac-0.12.1-py2.6.egg%2Ftrac%2Fprefs%2Fweb_ui.py%22%2C+line+77%2C+in+process_request%0D%0A++++template%2C+data+%3D+chosen_provider.render_preference_panel%28req%2C+panel_id%29%0D%0A++File+%22%2Fusr%2Flib%2Fpython2.6%2Fsite-packages%2FTrac-0.12.1-py2.6.egg%2Ftrac%2Fprefs%2Fweb_ui.py%22%2C+line+97%2C+in+render_preference_panel%0D%0A++++self._do_load%28req%29%0D%0A++File+%22%2Fusr%2Flib%2Fpython2.6%2Fsite-packages%2FTrac-0.12.1-py2.6.egg%2Ftrac%2Fprefs%2Fweb_ui.py%22%2C+line+148%2C+in+_do_load%0D%0A++++req.session.get_session%28oldsid%29%0D%0A++File+%22%2Fusr%2Flib%2Fpython2.6%2Fsite-packages%2FTrac-0.12.1-py2.6.egg%2Ftrac%2Fweb%2Fsession.py%22%2C+line+189%2C+in+get_session%0D%0A++++self.bake_cookie%28%29%0D%0A++File+%22%2Fusr%2Flib%2Fpython2.6%2Fsite-packages%2FTrac-0.12.1-py2.6.egg%2Ftrac%2Fweb%2Fsession.py%22%2C+line+170%2C+in+bake_cookie%0D%0A++++assert+self.sid%2C+%27Session+ID+not+set%27%0D%0AAssertionError%3A+Session+ID+not+set%0D%0A}}}&create=%E5%88%9B%E5%BB%BA#
这套系统根本不用登陆 直接就可以进行 各种操作
http://grid.cma.gov.cn/cmag/portal/guest/52/r/
upload file // 这算是越权还是未授权
疑似sql盲注 //登陆框那里
http://grid.cma.gov.cn/cmag/portal/guest/home/r/
你们更专业
危害等级:中
漏洞Rank:10
确认时间:2014-06-27 22:30
CNVD确认并复现所述子站漏洞情况,已经转由CNCERT尝试通过已经有联系渠道联系网站管理单位,后续也将上报国家信息安全协调机构。
暂无