乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-04-09: 细节已通知厂商并且等待厂商处理中 2015-04-09: 厂商已经确认,细节仅向厂商公开 2015-04-19: 细节向核心白帽子及相关领域专家公开 2015-04-29: 细节向普通白帽子公开 2015-05-09: 细节向实习白帽子公开 2015-05-24: 细节向公众公开
还是getshell,真可怕。
上次提交了中兴政务美国站,深入后发现,还有个中国站的。1.站点http://enterprise.zte.com.cn/jbossws13/
2.再连菜刀连上后发现时断时续,可能有负载。看下图对比
确实是中兴政务中国站
主机名: ZTE-TEMPLATE161OS 名称: Microsoft(R) Windows(R) Server 2003, Enterprise EditionOS 版本: 5.2.3790 Service Pack 2 Build 3790OS 制造商: Microsoft CorporationOS 配置: 独立服务器OS 构件类型: Multiprocessor Free注册的所有人: zte注册的组织: zte产品 ID: 69813-641-1471096-45723初始安装日期: 2010-3-16, 21:21:57系统启动时间: 171 天 20 小时 44 分 6 秒系统制造商: VMware, Inc.系统型号: VMware Virtual Platform系统类型: X86-based PC处理器: 安装了 6 个处理器。 [01]: x86 Family 6 Model 15 Stepping 11 GenuineIntel ~1596 Mhz [02]: x86 Family 6 Model 15 Stepping 11 GenuineIntel ~1596 Mhz [03]: x86 Family 6 Model 15 Stepping 11 GenuineIntel ~1596 Mhz [04]: x86 Family 6 Model 15 Stepping 11 GenuineIntel ~1596 Mhz [05]: x86 Family 6 Model 15 Stepping 11 GenuineIntel ~1596 Mhz [06]: x86 Family 6 Model 15 Stepping 11 GenuineIntel ~1596 MhzBIOS 版本: INTEL - 6040000Windows 目录: C:\WINDOWS系统目录: C:\WINDOWS\system32启动设备: \Device\HarddiskVolume1系统区域设置: zh-cn;中文(中国)输入法区域设置: zh-cn;中文(中国)时区: (GMT+08:00) 北京,重庆,香港特别行政区,乌鲁木齐物理内存总量: 8,191 MB可用的物理内存: 6,896 MB页面文件: 最大值: 10,040 MB页面文件: 可用: 8,803 MB页面文件: 使用中: 1,237 MB页面文件位置: C:\pagefile.sys域: WORKGROUP登录服务器: \\ZTE-TEMPLATE161修补程序: 安装了 340 个修补程序。 [01]: File 1 [02]: File 1 [03]: File 1 [04]: File 1 [05]: File 1 [06]: File 1 [07]: File 1 [08]: File 1 [09]: File 1 [10]: File 1 [11]: File 1 [12]: File 1 [13]: File 1 [14]: File 1 [15]: File 1 [16]: File 1 [17]: File 1 [18]: File 1 [19]: File 1 [20]: File 1 [21]: File 1 [22]: File 1 [23]: File 1 [24]: File 1 [25]: File 1 [26]: File 1 [27]: File 1 [28]: File 1 [29]: File 1 [30]: File 1 [31]: File 1 [32]: File 1 [33]: File 1 [34]: File 1 [35]: File 1 [36]: File 1 [37]: File 1 [38]: File 1 [39]: File 1 [40]: File 1 [41]: File 1 [42]: File 1 [43]: File 1 [44]: File 1 [45]: File 1 [46]: File 1 [47]: File 1 [48]: File 1 [49]: File 1 [50]: File 1 [51]: File 1 [52]: File 1 [53]: File 1 [54]: File 1 [55]: File 1 [56]: File 1 [57]: File 1 [58]: File 1 [59]: File 1 [60]: File 1 [61]: File 1 [62]: File 1 [63]: File 1 [64]: File 1 [65]: File 1 [66]: File 1 [67]: File 1 [68]: File 1 [69]: File 1 [70]: File 1 [71]: File 1 [72]: File 1 [73]: File 1 [74]: File 1 [75]: File 1 [76]: File 1 [77]: File 1 [78]: File 1 [79]: File 1 [80]: File 1 [81]: File 1 [82]: File 1 [83]: File 1 [84]: File 1 [85]: File 1 [86]: File 1 [87]: File 1 [88]: File 1 [89]: File 1 [90]: File 1 [91]: File 1 [92]: File 1 [93]: File 1 [94]: File 1 [95]: File 1 [96]: File 1 [97]: File 1 [98]: File 1 [99]: File 1 [100]: File 1 [101]: File 1 [102]: File 1 [103]: File 1 [104]: File 1 [105]: File 1 [106]: File 1 [107]: File 1 [108]: File 1 [109]: File 1 [110]: File 1 [111]: File 1 [112]: File 1 [113]: File 1 [114]: File 1 [115]: File 1 [116]: File 1 [117]: File 1 [118]: File 1 [119]: File 1 [120]: File 1 [121]: File 1 [122]: File 1 [123]: File 1 [124]: File 1 [125]: File 1 [126]: File 1 [127]: File 1 [128]: File 1 [129]: File 1 [130]: File 1 [131]: File 1 [132]: File 1 [133]: File 1 [134]: File 1 [135]: File 1 [136]: File 1 [137]: File 1 [138]: File 1 [139]: File 1 [140]: File 1 [141]: File 1 [142]: File 1 [143]: File 1 [144]: File 1 [145]: File 1 [146]: File 1 [147]: File 1 [148]: File 1 [149]: File 1 [150]: File 1 [151]: File 1 [152]: File 1 [153]: File 1 [154]: File 1 [155]: File 1 [156]: File 1 [157]: File 1 [158]: File 1 [159]: File 1 [160]: File 1 [161]: File 1 [162]: File 1 [163]: File 1 [164]: File 1 [165]: File 1 [166]: Q147222 [167]: KB2604078 - QFE [168]: KB2656358 - QFE [169]: KB2656376-v2 - QFE [170]: KB933854 - QFE [171]: KB953298 - QFE [172]: KB979907 - QFE [173]: KB975558_WM8 [174]: KB925398_WMP64 [175]: KB2564958 - Update [176]: KB2079403 - Update [177]: KB2115168 - Update [178]: KB2124261 - Update [179]: KB2229593 - Update [180]: KB2296011 - Update [181]: KB2345886 - Update [182]: KB2347290 - Update [183]: KB2360937 - Update [184]: KB2378111 - Update [185]: KB2387149 - Update [186]: KB2393802 - Update [187]: KB2419635 - Update [188]: KB2423089 - Update [189]: KB2440591 - Update [190]: KB2443105 - Update [191]: KB2476490 - Update [192]: KB2478960 - Update [193]: KB2478971 - Update [194]: KB2481109 - Update [195]: KB2483185 - Update [196]: KB2485663 - Update [197]: KB2506212 - Update [198]: KB2507618 - Update [199]: KB2507938 - Update [200]: KB2508429 - Update [201]: KB2509553 - Update [202]: KB2510587 - Update [203]: KB2535512 - Update [204]: KB2536276-v2 - Update [205]: KB2544521 - Update [206]: KB2544893-v2 - Update [207]: KB2566454 - Update [208]: KB2570947 - Update [209]: KB2584146 - Update [210]: KB2585542 - Update [211]: KB2598479 - Update [212]: KB2603381 - Update [213]: KB2604078 - Update [214]: KB2618451 - Update [215]: KB2620712 - Update [216]: KB2621440 - Update [217]: KB2624667 - Update [218]: KB2631813 - Update [219]: KB2638806 - Update [220]: KB2644615 - Update [221]: KB2645640 - Update [222]: KB2646524 - Update [223]: KB2653956 - Update [224]: KB2655992 - Update [225]: KB2656358 - Update [226]: KB2656376-v2 - Update [227]: KB2659262 - Update [228]: KB2675157 - Update [229]: KB2676562 - Update [230]: KB2685939 - Update [231]: KB2686509 - Update [232]: KB2691442 - Update [233]: KB2698365 - Update [234]: KB2699988 - Update [235]: KB2705219 - Update [236]: KB2707511 - Update [237]: KB2709162 - Update [238]: KB2712808 - Update [网卡: 安装了 1 个 NIC。 [01]: Intel(R) PRO/1000 MT Network Connection 连接名: 本地连接 启用 DHCP: 否 IP 地址 [01]: 192.168.170.113
你们更专业。
危害等级:高
漏洞Rank:15
确认时间:2015-04-09 17:01
感谢~
暂无