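Vulnerability Summary
Bug ID: wooyun-2015-0115279
Title: DNS zone transfer vulnerability at Guangzhou University of Chinese Medicine
Affected vendor: Guangzhou University of Chinese Medicine
Author: Doraemon
Submitted: 2015-05-21 15:05
Fixed: 2015-05-26 15:06
Disclosed: 2015-05-26 15:06
Vulnerability type: Sensitive network information disclosure
Severity: Medium
Self-assessed Rank: 5
Status: Handed over to a third-party partner organization (CCERT Education Network Emergency Response Team) for handling
Source: http://www.wooyun.org
Tags: None
Vulnerability Details
Disclosure status:
2015-05-21: Details have been sent to the vendor; awaiting the vendor's handling
2015-05-26: The vendor has actively ignored the vulnerability; details disclosed to the public
Brief description:
The DNS server for gzhtcm.edu.cn is misconfigured, resulting in information disclosure.
Detailed description:
Proof of vulnerability: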
> ls gzhtcm.edu.cn
[gzzy420.gzhtcm.edu.cn]
> ls -d gzhtcm.edu.cn
[gzzy420.gzhtcm.edu.cn]
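Remediation:
Strictly restrict the hosts that are allowed to perform zone transfers; use a TSIG key to strictly define the zone-transfer relationship.
allow-transfer { x.x.x.x; };
Copyright notice: please credit the source when reposting: Doraemon@WooYun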
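The remediation above, written out as BIND 9 `named.conf` fragments that set the open configuration beside a TSIG-restricted one. This is an added example, not configuration from the report or the vendor. It assumes the server runs BIND 9 (the `allow-transfer` syntax the report uses); the zone name `example.edu`, the 192.0.2.x documentation addresses, the key name `xfer-key` and the file names are assumptions, and the secret is a placeholder.

```conf
// ===== named.conf on the primary (assumed address 192.0.2.1) =====

// BEFORE (weak): any host may pull a full copy of the zone.
// zone "example.edu" {
//     type master;
//     file "example.edu.zone";
//     allow-transfer { any; };
// };

// AFTER: shared TSIG secret, generated with
//     tsig-keygen -a hmac-sha256 xfer-key
key "xfer-key" {
    algorithm hmac-sha256;
    secret "REPLACE-WITH-GENERATED-BASE64-SECRET";  // placeholder, not a real key
};

options {
    // Server-wide default: refuse zone transfers unless a zone opts in.
    allow-transfer { none; };
};

zone "example.edu" {
    type master;
    file "example.edu.zone";
    // Serve AXFR/IXFR only to requests signed with xfer-key.
    // IP-only alternative from the report: allow-transfer { 192.0.2.53; };
    allow-transfer { key "xfer-key"; };
};

// ===== named.conf on the secondary (assumed address 192.0.2.53) =====

key "xfer-key" {
    algorithm hmac-sha256;
    secret "REPLACE-WITH-GENERATED-BASE64-SECRET";  // same secret as the primary
};

// Sign every request sent to the primary with the shared key.
server 192.0.2.1 { keys { "xfer-key"; }; };

zone "example.edu" {
    type slave;
    masters { 192.0.2.1; };
    file "example.edu.zone.bak";
    allow-transfer { none; };  // the secondary hands the zone to nobody
};
```

Run `named-checkconf` on each file before reloading the server.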
Vulnerability Response
Vendor response:
Severity: No impact, ignored by vendor
Ignored at: 2015-05-26 15:06
Vendor reply:
Latest status:
None