2015-04-14: Details reported to the vendor; awaiting vendor response
2015-04-20: Vendor chose to ignore the vulnerability; details disclosed to the public
Guizhou Minzu University Heartbleed vulnerability
1. Heartbleed vulnerability at Guizhou Minzu University: mail.gzmu.edu.cn
2. The cookie from step 1 can be used to log in to the system
Severity: No impact (ignored by vendor)
Ignored at: 2015-04-20 14:22
Vulnerability Rank: 15 (WooYun rating)
None yet