漏洞概要 关注数(24) 关注此漏洞
缺陷编号:wooyun-2015-0109843
漏洞标题:华为某企业设备弱口令
相关厂商:华为技术有限公司
漏洞作者: 李旭敏
提交时间:2015-04-23 11:21
修复时间:2015-06-07 14:28
公开时间:2015-06-07 14:28
漏洞类型:后台弱口令
危害等级:中
自评Rank:8
漏洞状态:厂商已经确认
漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]
Tags标签: 无
漏洞详情
披露状态:
2015-04-23: 细节已通知厂商并且等待厂商处理中
2015-04-23: 厂商已经确认,细节仅向厂商公开
2015-05-03: 细节向核心白帽子及相关领域专家公开
2015-05-13: 细节向普通白帽子公开
2015-05-23: 细节向实习白帽子公开
2015-06-07: 细节向公众公开
简要描述:
应该是网关一类的,功能包括VPN管理,ARP管理,应用程序控制,还能打电话··?
详细说明:
连接ID 主叫号码 被叫号码 呼叫建立时间 通话开始时间 通话结束时间 通话时长 类型 查看详细
4294967295 1001 9011442081332937 2015-04-23 14:42:37 2015-04-23 14:42:37 00h:00min:00s Speech 查看详细
4294967295 18654321 90060048814635076 2015-04-23 14:45:26 2015-04-23 14:45:26 00h:00min:00s Speech 查看详细
4294967295 201 0011442032905503 2015-04-23 14:51:54 2015-04-23 14:51:54 00h:00min:00s Speech 查看详细
4294967295 100 999800972595118095 2015-04-23 14:55:24 2015-04-23 14:55:24 00h:00min:00s Speech 查看详细
4294967295 18654321 90070048814635076 2015-04-23 15:04:05 2015-04-23 15:04:05 00h:00min:00s Speech 查看详细
4294967295 100 800972592719197 2015-04-23 15:04:28 2015-04-23 15:04:28 00h:00min:00s Speech 查看详细
4294967295 100 888700972595118095 2015-04-23 15:13:24 2015-04-23 15:13:24 00h:00min:00s Speech 查看详细
4294967295 1101 7000972595452069 2015-04-23 15:21:16 2015-04-23 15:21:16 00h:00min:00s Speech 查看详细
4294967295 18654321 90080048814635076 2015-04-23 15:22:55 2015-04-23 15:22:55 00h:00min:00s Speech 查看详细
4294967295 100 1100972592719197 2015-04-23 15:26:40 2015-04-23 15:26:40 00h:00min:00s Speech 查看详细
4294967295 100 777600972595118095 2015-04-23 15:31:22 2015-04-23 15:31:22 00h:00min:00s Speech 查看详细
4294967295 117 9011972592663909 2015-04-23 15:36:10 2015-04-23 15:36:10 00h:00min:00s Speech 查看详细
4294967295 112 9011972592663909 2015-04-23 15:36:14 2015-04-23 15:36:14 00h:00min:00s Speech 查看详细
4294967295 18654321 900900048814635076 2015-04-23 15:41:38 2015-04-23 15:41:38 00h:00min:00s Speech 查看详细
4294967295 100 2200972592719197 2015-04-23 15:48:25 2015-04-23 15:48:25 00h:00min:00s Speech 查看详细
4294967295 100 666500972595118095 2015-04-23 15:49:21 2015-04-23 15:49:21 00h:00min:00s Speech 查看详细
4294967295 18654321 9009048814635076 2015-04-23 16:00:23 2015-04-23 16:00:23 00h:00min:00s Speech 查看详细
4294967295 1101 600972595452069 2015-04-23 16:01:25 2015-04-23 16:01:25 00h:00min:00s Speech 查看详细
4294967295 100 001972595118095 2015-04-23 16:07:25 2015-04-23 16:07:25 00h:00min:00s Speech 查看详细
4294967295 201 90011442032905503 2015-04-23 16:07:30 2015-04-23 16:07:30 00h:00min:00s Speech 查看详细
4294967295 100 3300972592719197 2015-04-23 16:10:56 2015-04-23 16:10:56 00h:00min:00s Speech 查看详细
4294967295 18654321 9000948814635076 2015-04-23 16:19:03 2015-04-23 16:19:03 00h:00min:00s Speech 查看详细
4294967295 100 +00972595118095 2015-04-23 16:25:28 2015-04-23 16:25:28 00h:00min:00s Speech 查看详细
4294967295 100 4400972592719197 2015-04-23 16:33:25 2015-04-23 16:33:25 00h:00min:00s Speech 查看详细
4294967295 18654321 900090048814635076 2015-04-23 16:37:57 2015-04-23 16:37:57 00h:00min:00s Speech 查看详细
4294967295 1101 6000972595452069 2015-04-23 16:41:35 2015-04-23 16:41:35 00h:00min:00s Speech 查看详细
4294967295 100 500972595118095 2015-04-23 16:43:41 2015-04-23 16:43:41 00h:00min:00s Speech 查看详细
4294967295 100 5500972592719197 2015-04-23 16:54:34 2015-04-23 16:54:34 00h:00min:00s Speech 查看详细
4294967295 18654321 90009009048814635076 2015-04-23 16:56:58 2015-04-23 16:56:58 00h:00min:00s Speech 查看详细
4294967295 100 600972595118095 2015-04-23 17:01:53 2015-04-23 17:01:53 00h:00min:00s Speech 查看详细
4294967295 100 6600972592719197 2015-04-23 17:16:07 2015-04-23 17:16:07 00h:00min:00s Speech 查看详细
4294967295 100 700972595118095 2015-04-23 17:20:07 2015-04-23 17:20:07 00h:00min:00s Speech 查看详细
4294967295 1101 500972595452069 2015-04-23 17:21:44 2015-04-23 17:21:44 00h:00min:00s Speech 查看详细
4294967295 201 0015442032905503 2015-04-23 17:23:30 2015-04-23 17:23:30 00h:00min:00s Speech 查看详细
4294967295 100 7700972592719197 2015-04-23 17:36:57 2015-04-23 17:36:57 00h:00min:00s Speech 查看详细
4294967295 100 441259701495 2015-04-23 17:37:47 2015-04-23 17:37:47 00h:00min:00s Speech 查看详细
4294967295 100 800972595118095 2015-04-23 17:38:28 2015-04-23 17:38:28 00h:00min:00s Speech 查看详细
4294967295 100 00441259701495 2015-04-23 17:50:24 2015-04-23 17:50:24 00h:00min:00s Speech 查看详细
4294967295 100 7700972595118095 2015-04-23 17:56:39 2015-04-23 17:56:39 00h:00min:00s Speech 查看详细
4294967295 100 8800972592719197 2015-04-23 17:57:39 2015-04-23 17:57:39 00h:00min:00s Speech 查看详细
4294967295 1101 5000972595452069 2015-04-23 18:01:59 2015-04-23 18:01:59 00h:00min:00s Speech 查看详细
4294967295 100 000441259701495 2015-04-23 18:03:56 2015-04-23 18:03:56 00h:00min:00s Speech 查看详细
4294967295 100 000000972595118095 2015-04-23 18:14:51 2015-04-23 18:14:51 00h:00min:00s Speech 查看详细
4294967295 100 0000441259701495 2015-04-23 18:16:21 2015-04-23 18:16:21 00h:00min:00s Speech 查看详细
4294967295 100 9900972592719197 2015-04-23 18:18:50 2015-04-23 18:18:50 00h:00min:00s Speech 查看详细
4294967295 100 8800972595118095 2015-04-23 18:33:08 2015-04-23 18:33:08 00h:00min:00s Speech 查看详细
4294967295 201 90015442032905503 2015-04-23 18:35:19 2015-04-23 18:35:19 00h:00min:00s Speech 查看详细
4294967295 100 003972592719197 2015-04-23 18:39:15 2015-04-23 18:39:15 00h:00min:00s Speech 查看详细
4294967295 1101 400972595452069 2015-04-23 18:42:26
漏洞证明:
http://58.60.106.12/
http://205.177.226.77/
Tunnel0 58.60.106.12 106.37.229.94
修改GRE配置删除GRE配置
Tunnel1 58.60.106.12 58.60.106.163
修改GRE配置删除GRE配置
Tunnel4 205.177.226.77 217.111.170.194
修改GRE配置删除GRE配置
Tunnel20 GigabitEthernet0/0 58.251.159.213
修改GRE配置删除GRE配置
Tunnel21 205.177.226.77 195.46.7.229
修改GRE配置删除GRE配置
Tunnel30
修改GRE配置删除GRE配置
Tunnel47 58.60.106.12 120.237.104.155
修改GRE配置删除GRE配置
Tunnel50 58.251.166.147 211.99.238.10
修改GRE配置删除GRE配置
Tunnel60 58.251.166.147 219.133.94.171
修改GRE配置删除GRE配置
Tunnel100 205.177.226.77 87.79.8.53
修改GRE配置删除GRE配置
Tunnel101 58.60.106.12 58.251.159.235
修改GRE配置删除GRE配置
Tunnel120 205.177.226.77 37.34.65.43
修改GRE配置删除GRE配置
Tunnel130 58.60.106.12 58.60.106.96
修复方案:
告诉我,这是干嘛的?
版权声明:转载请注明来源 李旭敏@乌云
漏洞回应
厂商回应:
危害等级:中
漏洞Rank:7
确认时间:2015-04-23 14:26
厂商回复:
感谢白帽子对华为公司安全的关注,我们已通知业务部门进行整改。
最新状态:
暂无