当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0112899

漏洞标题:广东省医学会命令执行漏洞

相关厂商:广东省医学会

漏洞作者: 朱元璋

提交时间:2015-05-15 18:15

修复时间:2015-07-03 16:22

公开时间:2015-07-03 16:22

漏洞类型:成功的入侵事件

危害等级:高

自评Rank:15

漏洞状态:已交由第三方合作机构(广东省信息安全测评中心)处理

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-05-15: 细节已通知厂商并且等待厂商处理中
2015-05-19: 厂商已经确认,细节仅向厂商公开
2015-05-29: 细节向核心白帽子及相关领域专家公开
2015-06-08: 细节向普通白帽子公开
2015-06-18: 细节向实习白帽子公开
2015-07-03: 细节向公众公开

简要描述:

传有马,自己杀

详细说明:

地址http://120.132.149.46:8080/meeting/usRegister/userLogin.action存在命令执行漏洞

0.png


后门地址: http://120.132.149.46:8080/meeting/2.jsp 连接密码tom

漏洞证明:

net user

\\WIN-1829QTK34AJ µÄÓû§ÕÊ»§
-------------------------------------------------------------------------------
a                        Administrator            Guest                    
McAfeeMVSUser            xiaoxi                   
ÃüÁî³É¹¦Íê³É¡£


netstat -an

»î¶¯Á¬½Ó
  ЭÒé  ±¾µØµØÖ·          ÍⲿµØÖ·        ״̬
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:443            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:1723           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3306           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:6515           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:8009           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:8010           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:8080           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:33889          0.0.0.0:0              LISTENING
  TCP    0.0.0.0:47001          0.0.0.0:0              LISTENING
  TCP    0.0.0.0:49152          0.0.0.0:0              LISTENING
  TCP    0.0.0.0:49153          0.0.0.0:0              LISTENING
  TCP    0.0.0.0:49155          0.0.0.0:0              LISTENING
  TCP    0.0.0.0:49157          0.0.0.0:0              LISTENING
  TCP    0.0.0.0:49158          0.0.0.0:0              LISTENING
  TCP    0.0.0.0:58228          0.0.0.0:0              LISTENING
  TCP    120.132.149.46:80      61.146.168.26:39539    ESTABLISHED
  TCP    120.132.149.46:80      61.146.168.26:40671    ESTABLISHED
  TCP    120.132.149.46:80      61.146.168.26:44708    ESTABLISHED
  TCP    120.132.149.46:80      61.146.168.26:53414    ESTABLISHED
  TCP    120.132.149.46:80      61.146.168.26:55363    ESTABLISHED
  TCP    120.132.149.46:80      61.146.168.26:55969    ESTABLISHED
  TCP    120.132.149.46:80      113.108.179.180:50755  FIN_WAIT_2
  TCP    120.132.149.46:80      122.13.85.134:42518    ESTABLISHED
  TCP    120.132.149.46:80      180.153.163.206:60098  TIME_WAIT
  TCP    120.132.149.46:139     0.0.0.0:0              LISTENING
  TCP    120.132.149.46:8080    171.37.162.53:51088    TIME_WAIT
  TCP    120.132.149.46:8080    171.37.162.53:51089    TIME_WAIT
  TCP    120.132.149.46:8080    171.37.162.53:51090    TIME_WAIT
  TCP    120.132.149.46:8080    171.37.162.53:51091    TIME_WAIT
  TCP    120.132.149.46:8080    171.37.162.53:51092    ESTABLISHED
  TCP    120.132.149.46:8080    180.153.206.37:59156   TIME_WAIT
  TCP    120.132.149.46:49793   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:50015   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:50049   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:50108   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:50148   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:50199   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:50228   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:50268   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:50302   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:50449   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:50451   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:50627   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:50629   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:50959   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51141   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51628   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51630   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51698   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51700   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51717   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51719   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51725   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51727   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51736   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51738   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51744   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51746   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51752   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51754   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51772   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51774   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51776   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51848   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51850   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51852   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51854   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51860   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51862   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51864   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51870   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51872   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51878   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51880   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51916   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51918   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51920   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51922   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51924   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51932   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51934   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:51936   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:52016   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:52018   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:52024   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:52026   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:52028   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:52030   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:52032   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:52034   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:52037   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:52038   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:52072   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:52074   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:52076   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:52086   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:52088   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:52090   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:52092   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:52094   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:52096   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:52177   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:52200   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:52288   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:53286   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:53341   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:53636   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:53642   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:53934   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:53945   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:53956   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:54194   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:54227   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:55783   161.69.25.233:443      ESTABLISHED
  TCP    120.132.149.46:55803   161.69.25.233:80       ESTABLISHED
  TCP    120.132.149.46:55804   161.69.25.233:443      ESTABLISHED
  TCP    120.132.149.46:57571   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:57580   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:57583   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:57585   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:57587   0.0.0.0:0              LISTENING
  TCP    120.132.149.46:60454   23.10.0.60:443         CLOSE_WAIT
  TCP    127.0.0.1:3306         127.0.0.1:59009        ESTABLISHED
  TCP    127.0.0.1:3306         127.0.0.1:60498        ESTABLISHED
  TCP    127.0.0.1:3306         127.0.0.1:60578        ESTABLISHED
  TCP    127.0.0.1:3306         127.0.0.1:60641        ESTABLISHED
  TCP    127.0.0.1:5939         0.0.0.0:0              LISTENING
  TCP    127.0.0.1:8005         0.0.0.0:0              LISTENING
  TCP    127.0.0.1:8055         0.0.0.0:0              LISTENING
  TCP    127.0.0.1:59009        127.0.0.1:3306         ESTABLISHED
  TCP    127.0.0.1:60498        127.0.0.1:3306         ESTABLISHED
  TCP    127.0.0.1:60578        127.0.0.1:3306         ESTABLISHED
  TCP    127.0.0.1:60641        127.0.0.1:3306         ESTABLISHED
  TCP    [::]:80                [::]:0                 LISTENING
  TCP    [::]:135               [::]:0                 LISTENING
  TCP    [::]:443               [::]:0                 LISTENING
  TCP    [::]:445               [::]:0                 LISTENING
  TCP    [::]:8009              [::]:0                 LISTENING
  TCP    [::]:8010              [::]:0                 LISTENING
  TCP    [::]:8080              [::]:0                 LISTENING
  TCP    [::]:33889             [::]:0                 LISTENING
  TCP    [::]:47001             [::]:0                 LISTENING
  TCP    [::]:49152             [::]:0                 LISTENING
  TCP    [::]:49153             [::]:0                 LISTENING
  TCP    [::]:49155             [::]:0                 LISTENING
  TCP    [::]:49157             [::]:0                 LISTENING
  TCP    [::]:49158             [::]:0                 LISTENING
  TCP    [::]:58228             [::]:0                 LISTENING
  UDP    0.0.0.0:500            *:*                    
  UDP    0.0.0.0:4500           *:*                    
  UDP    0.0.0.0:5355           *:*                    
  UDP    0.0.0.0:6514           *:*                    
  UDP    0.0.0.0:6515           *:*                    
  UDP    0.0.0.0:6516           *:*                    
  UDP    0.0.0.0:52754          *:*                    
  UDP    0.0.0.0:52755          *:*                    
  UDP    0.0.0.0:52758          *:*                    
  UDP    0.0.0.0:55979          *:*                    
  UDP    120.132.149.46:137     *:*                    
  UDP    120.132.149.46:138     *:*                    
  UDP    127.0.0.1:49175        *:*                    
  UDP    127.0.0.1:49177        *:*                    
  UDP    127.0.0.1:49435        *:*                    
  UDP    127.0.0.1:50020        *:*                    
  UDP    127.0.0.1:50022        *:*                    
  UDP    127.0.0.1:50510        *:*                    
  UDP    127.0.0.1:51199        *:*                    
  UDP    127.0.0.1:51385        *:*                    
  UDP    127.0.0.1:51668        *:*                    
  UDP    127.0.0.1:51670        *:*                    
  UDP    127.0.0.1:51990        *:*                    
  UDP    127.0.0.1:51992        *:*                    
  UDP    127.0.0.1:52011        *:*                    
  UDP    127.0.0.1:52030        *:*                    
  UDP    127.0.0.1:52032        *:*                    
  UDP    127.0.0.1:52334        *:*                    
  UDP    127.0.0.1:52336        *:*                    
  UDP    127.0.0.1:52523        *:*                    
  UDP    127.0.0.1:52752        *:*                    
  UDP    127.0.0.1:52823        *:*                    
  UDP    127.0.0.1:52825        *:*                    
  UDP    127.0.0.1:53086        *:*                    
  UDP    127.0.0.1:53088        *:*                    
  UDP    127.0.0.1:53715        *:*                    
  UDP    127.0.0.1:53795        *:*                    
  UDP    127.0.0.1:54593        *:*                    
  UDP    127.0.0.1:54820        *:*                    
  UDP    127.0.0.1:54822        *:*                    
  UDP    127.0.0.1:55543        *:*                    
  UDP    127.0.0.1:55867        *:*                    
  UDP    127.0.0.1:56264        *:*                    
  UDP    127.0.0.1:56266        *:*                    
  UDP    127.0.0.1:56453        *:*                    
  UDP    127.0.0.1:56580        *:*                    
  UDP    127.0.0.1:57106        *:*                    
  UDP    127.0.0.1:57128        *:*                    
  UDP    127.0.0.1:57769        *:*                    
  UDP    127.0.0.1:57773        *:*                    
  UDP    127.0.0.1:57775        *:*                    
  UDP    127.0.0.1:57777        *:*                    
  UDP    127.0.0.1:57783        *:*                    
  UDP    127.0.0.1:57785        *:*                    
  UDP    127.0.0.1:57787        *:*                    
  UDP    127.0.0.1:57789        *:*                    
  UDP    127.0.0.1:57791        *:*                    
  UDP    127.0.0.1:57874        *:*                    
  UDP    127.0.0.1:57876        *:*                    
  UDP    127.0.0.1:58817        *:*                    
  UDP    127.0.0.1:58819        *:*                    
  UDP    127.0.0.1:59308        *:*                    
  UDP    127.0.0.1:60004        *:*                    
  UDP    127.0.0.1:60006        *:*                    
  UDP    127.0.0.1:60008        *:*                    
  UDP    127.0.0.1:60010        *:*                    
  UDP    127.0.0.1:60012        *:*                    
  UDP    127.0.0.1:60014        *:*                    
  UDP    127.0.0.1:60358        *:*                    
  UDP    127.0.0.1:60502        *:*                    
  UDP    127.0.0.1:62143        *:*                    
  UDP    127.0.0.1:62578        *:*                    
  UDP    127.0.0.1:62580        *:*                    
  UDP    127.0.0.1:62582        *:*                    
  UDP    127.0.0.1:62729        *:*                    
  UDP    127.0.0.1:62731        *:*                    
  UDP    127.0.0.1:62733        *:*                    
  UDP    127.0.0.1:62735        *:*                    
  UDP    127.0.0.1:63316        *:*                    
  UDP    127.0.0.1:63318        *:*                    
  UDP    127.0.0.1:63320        *:*                    
  UDP    127.0.0.1:63322        *:*                    
  UDP    127.0.0.1:63324        *:*                    
  UDP    127.0.0.1:63326        *:*                    
  UDP    127.0.0.1:63328        *:*                    
  UDP    127.0.0.1:63330        *:*                    
  UDP    127.0.0.1:63374        *:*                    
  UDP    127.0.0.1:63376        *:*                    
  UDP    127.0.0.1:63378        *:*                    
  UDP    127.0.0.1:63752        *:*                    
  UDP    127.0.0.1:63779        *:*                    
  UDP    127.0.0.1:64294        *:*                    
  UDP    127.0.0.1:64296        *:*                    
  UDP    127.0.0.1:64298        *:*                    
  UDP    127.0.0.1:64834        *:*                    
  UDP    127.0.0.1:64853        *:*                    
  UDP    127.0.0.1:64855        *:*                    
  UDP    127.0.0.1:65364        *:*                    
  UDP    127.0.0.1:65366        *:*                    
  UDP    [::]:500               *:*                    
  UDP    [::]:4500              *:*                    
  UDP    [::]:5355              *:*                    
  UDP    [::]:52754             *:*                    
  UDP    [::]:52755             *:*                    
  UDP    [::]:55979             *:*                    
  UDP    [::1]:49176            *:*                    
  UDP    [::1]:49178            *:*                    
  UDP    [::1]:49436            *:*                    
  UDP    [::1]:50021            *:*                    
  UDP    [::1]:50023            *:*                    
  UDP    [::1]:50511            *:*                    
  UDP    [::1]:51200            *:*                    
  UDP    [::1]:51386            *:*                    
  UDP    [::1]:51669            *:*                    
  UDP    [::1]:51671            *:*                    
  UDP    [::1]:51991            *:*                    
  UDP    [::1]:51993            *:*                    
  UDP    [::1]:52012            *:*                    
  UDP    [::1]:52031            *:*                    
  UDP    [::1]:52033            *:*                    
  UDP    [::1]:52335            *:*                    
  UDP    [::1]:52337            *:*                    
  UDP    [::1]:52524            *:*                    
  UDP    [::1]:52753            *:*                    
  UDP    [::1]:52756            *:*                    
  UDP    [::1]:52757            *:*                    
  UDP    [::1]:52824            *:*                    
  UDP    [::1]:52826            *:*                    
  UDP    [::1]:53087            *:*                    
  UDP    [::1]:53089            *:*                    
  UDP    [::1]:53716            *:*                    
  UDP    [::1]:53796            *:*                    
  UDP    [::1]:54594            *:*                    
  UDP    [::1]:54821            *:*                    
  UDP    [::1]:54823            *:*                    
  UDP    [::1]:55544            *:*                    
  UDP    [::1]:55868            *:*                    
  UDP    [::1]:56265            *:*                    
  UDP    [::1]:56267            *:*                    
  UDP    [::1]:56454            *:*                    
  UDP    [::1]:56581            *:*                    
  UDP    [::1]:57107            *:*                    
  UDP    [::1]:57129            *:*                    
  UDP    [::1]:57770            *:*                    
  UDP    [::1]:57774            *:*                    
  UDP    [::1]:57776            *:*                    
  UDP    [::1]:57778            *:*                    
  UDP    [::1]:57784            *:*                    
  UDP    [::1]:57786            *:*                    
  UDP    [::1]:57788            *:*                    
  UDP    [::1]:57790            *:*                    
  UDP    [::1]:57792            *:*                    
  UDP    [::1]:57875            *:*                    
  UDP    [::1]:57877            *:*                    
  UDP    [::1]:58818            *:*                    
  UDP    [::1]:58820            *:*                    
  UDP    [::1]:59309            *:*                    
  UDP    [::1]:60005            *:*                    
  UDP    [::1]:60007            *:*                    
  UDP    [::1]:60009            *:*                    
  UDP    [::1]:60011            *:*                    
  UDP    [::1]:60013            *:*                    
  UDP    [::1]:60015            *:*                    
  UDP    [::1]:60359            *:*                    
  UDP    [::1]:60503            *:*                    
  UDP    [::1]:62144            *:*                    
  UDP    [::1]:62579            *:*                    
  UDP    [::1]:62581            *:*                    
  UDP    [::1]:62583            *:*                    
  UDP    [::1]:62730            *:*                    
  UDP    [::1]:62732            *:*                    
  UDP    [::1]:62734            *:*                    
  UDP    [::1]:62736            *:*                    
  UDP    [::1]:63317            *:*                    
  UDP    [::1]:63319            *:*                    
  UDP    [::1]:63321            *:*                    
  UDP    [::1]:63323            *:*                    
  UDP    [::1]:63325            *:*                    
  UDP    [::1]:63327            *:*                    
  UDP    [::1]:63329            *:*                    
  UDP    [::1]:63331            *:*                    
  UDP    [::1]:63375            *:*                    
  UDP    [::1]:63377            *:*                    
  UDP    [::1]:63379            *:*                    
  UDP    [::1]:63753            *:*                    
  UDP    [::1]:63780            *:*                    
  UDP    [::1]:64295            *:*                    
  UDP    [::1]:64297            *:*                    
  UDP    [::1]:64299            *:*                    
  UDP    [::1]:64835            *:*                    
  UDP    [::1]:64854            *:*                    
  UDP    [::1]:64856            *:*                    
  UDP    [::1]:65365            *:*                    
  UDP    [::1]:65367            *:*


修复方案:

加强安全意识

版权声明:转载请注明来源 朱元璋@乌云

漏洞回应

厂商回应:

危害等级:高

漏洞Rank:10

确认时间:2015-05-19 16:21

厂商回复:

非常感谢您的报告。
报告中的问题已确认并复现.
影响的数据:高
攻击成本:低
造成影响:高
综合评级为:高,rank:10
正在联系相关网站管理单位处置。

最新状态:

暂无