乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-03-18: 细节已通知厂商并且等待厂商处理中 2015-03-18: 厂商已经确认,细节仅向厂商公开 2015-03-28: 细节向核心白帽子及相关领域专家公开 2015-04-07: 细节向普通白帽子公开 2015-04-17: 细节向实习白帽子公开 2015-05-02: 细节向公众公开
贝聊 贝聊目前已有2000多家幼儿园活跃,每天30万家长登陆使用,幼儿园覆盖全国26各个省、市、自治区
贝聊 1、Redis112.124.8.144 6382 未授权访问
2、memchached
root@kail:~# telnet 112.124.8.144 11211Trying 112.124.8.144...Connected to 112.124.8.144.Escape character is '^]'.statsSTAT pid 9622STAT uptime 4431760STAT time 1426085712STAT version 1.4.13STAT libevent 2.0.16-stableSTAT pointer_size 64STAT rusage_user 80.017000STAT rusage_system 82.741171STAT curr_connections 5STAT total_connections 196STAT connection_structures 11STAT reserved_fds 20STAT cmd_get 39STAT cmd_set 27STAT cmd_flush 2STAT cmd_touch 0STAT get_hits 27STAT get_misses 12STAT delete_misses 0STAT delete_hits 0STAT incr_misses 0STAT incr_hits 0STAT decr_misses 0STAT decr_hits 0STAT cas_misses 0STAT cas_hits 0STAT cas_badval 0STAT touch_hits 0STAT touch_misses 0STAT auth_cmds 0STAT auth_errors 0STAT bytes_read 6602STAT bytes_written 60421STAT limit_maxbytes 67108864STAT accepting_conns 1STAT listen_disabled_num 0STAT threads 4STAT conn_yields 0STAT hash_power_level 16STAT hash_bytes 524288STAT hash_is_expanding 0STAT expired_unfetched 0STAT evicted_unfetched 0STAT bytes 270STAT curr_items 3STAT total_items 27STAT evictions 0STAT reclaimed 4END
root@kail:~# telnet 112.124.8.144 11211Trying 112.124.8.144...Connected to 112.124.8.144.Escape character is '^]'.stats itemsSTAT items:1:number 2STAT items:1:age 4342169STAT items:1:evicted 0STAT items:1:evicted_nonzero 0STAT items:1:evicted_time 0STAT items:1:outofmemory 0STAT items:1:tailrepairs 0STAT items:1:reclaimed 4STAT items:1:expired_unfetched 0STAT items:1:evicted_unfetched 0STAT items:2:number 1STAT items:2:age 4343604STAT items:2:evicted 0STAT items:2:evicted_nonzero 0STAT items:2:evicted_time 0STAT items:2:outofmemory 0STAT items:2:tailrepairs 0STAT items:2:reclaimed 0STAT items:2:expired_unfetched 0STAT items:2:evicted_unfetched 0END
ok
···
权限控制
危害等级:中
漏洞Rank:8
确认时间:2015-03-18 14:41
已经确认问题。非常感谢爱上平顶山的反馈。
暂无