Vulnerability summary
Defect ID: wooyun-2015-0131321
Title: 淘世界 (Taoshijie) Git project source code leak (2)
Vendor: 爱美主义 (Aimeizhuyi)
Author: Feei
Submitted: 2015-08-03 16:25
Fixed: 2015-09-17 16:38
Published: 2015-09-17 16:38
Vulnerability type: disclosure of important sensitive information
Severity: High
Self-assessed Rank: 20
Status: confirmed by vendor
Source: http://www.wooyun.org; for questions or help contact [email protected]
Tags: none
Vulnerability details
Disclosure status:
2015-08-03: details sent to the vendor, awaiting vendor handling
2015-08-03: vendor confirmed; details disclosed to the vendor only
2015-08-13: details disclosed to core white hats and experts in the relevant field
2015-08-23: details disclosed to regular white hats
2015-09-02: details disclosed to intern white hats
2015-09-17: details disclosed to the public
Brief description:
GitLab project source code leak; the repository contains the master database account and password, among other secrets.
Details:
ROOT
http://gitlab.aimeizhuyi.com/zhaoming/search_build_index/blob/master/src/config/config.php
ONLINE
http://gitlab.aimeizhuyi.com/zhaoming/search_build_index/blob/master/src/config.online/config.php
Proof of vulnerability:
mysql> show tables;
+--------------------------+
| Tables_in_aimeizhuyi |
+--------------------------+
| abnormal_log |
| abnormal_reply |
| action |
| activity |
| activity727_guaguaka |
| activity727_product |
| activity_detail |
| addr_id_card |
| admin |
| admin_group |
| app_config |
| article |
| buyer |
| buyer_account |
| buyer_count |
| buyer_ip |
| buyer_note |
| buyer_notification |
| buyer_opinion |
| buyer_pic |
| buyer_potential |
| buyer_rank |
| buyer_recommond |
| buyer_source |
| buyer_statistic |
| buyer_withdraw |
| category |
| comment |
| comment_black |
| coupon |
| coupon_expire |
| coupon_group |
| coupon_log |
| cron_onshelf |
| delivery_abroad |
| easemob_activity_msg |
| easemob_anonymous |
| easemob_friend |
| easemob_logistics_msg |
| easemob_msg |
| easemob_notify_msg |
| easemob_order_msg |
| easemob_supplement |
| event626_country |
| event626_coupon_record |
| event626_jigsaw_record |
| event626_jigsaw_stock |
| event626_like |
| event626_lottery_item |
| event626_lottery_quota |
| event626_lottery_record |
| event626_stock |
| express_company |
| express_print |
| favor |
| feedback |
| group |
| group_permission |
| hot_brand |
| hot_keyword |
| hot_keyword_list |
| index_new |
| live |
| live_apply |
| live_flow |
| live_forenotice |
| live_log |
| live_stock |
| logistic |
| logistic_overseas_log |
| logistic_tracking |
| notification |
| op_position |
| op_position_detail |
| op_position_detail_snap |
| op_position_snap |
| operator_log |
| order |
| order_addr_log |
| order_grades |
| order_log |
| order_note |
| order_share |
| order_share_like |
| own_buyer |
| pack |
| pack_confirm_log |
| pay_order |
| payment |
| permission |
| pop |
| promote_channel |
| public_notification |
| role_permission |
| securecode |
| send_pack_supplement |
| settlement |
| settlement_account |
| settlement_ignore_buyer |
| settlement_list |
| sms_queue |
| state_rank |
| stock |
| stock_activity_snapshoot |
| stock_amount |
| stock_book |
| stock_brand |
| stock_cate_supplement |
| stock_category |
| stock_comment |
| stock_feedback |
| stock_grade |
| stock_hidden |
| stock_like |
| stock_log |
| storage |
| store_order |
| system_log |
| t_day_order_by_stockid |
| tags |
| tags_item |
| talk |
| task_push |
| template |
| topic |
| trade_cart |
| trade_rate |
| trademsg_queue |
| user |
| user_addr |
| user_advice |
| user_refund |
| user_reminder |
| user_token |
| user_vip |
| userpoint_log |
| wait_refund |
| wapfaver |
| weight_hot_keyword |
+--------------------------+
139 rows in set (0.00 sec)
This is the master database; all order and user tables live in it. 20 rank!
Fix recommendations:
- Do not use public repositories
- Restrict MySQL client access with an IP whitelist
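As an added defender-side example (not part of the original report or the vendor's code), a small Python scanner that flags credential-looking assignments in configuration files of a checked-out repository, the kind of pre-commit or CI check that would catch a config.php carrying the master DB password before it lands in a public GitLab project. The file names, regexes and the sample config are constructed assumptions.

```python
import re
from pathlib import Path

# File names that commonly hold connection settings (assumption; extend for your code base).
CONFIG_NAMES = {"config.php", "database.php", ".env", "settings.py"}

# Credential-looking patterns for PHP array / define() / .env style configs (constructed).
CRED_PATTERNS = [
    # 'password' => 'x', password = "x", DB_PASS: x  (value at least 4 chars)
    re.compile(r"""(?i)['"]?(db_?pass(word)?|password|passwd|pwd)['"]?\s*(=>|=|:)\s*['"]([^'"]{4,})['"]"""),
    # define('DB_PASS', 'x') / define('DB_PASSWORD', 'x')
    re.compile(r"""(?i)define\(\s*['"]DB_PASS(WORD)?['"]\s*,\s*['"]([^'"]+)['"]"""),
    # connection URLs embedding user:password@host
    re.compile(r"""(?i)(mysql|pgsql)://[^:\s'"]+:[^@\s'"]+@"""),
]

def scan_text(name, text):
    """Return (file, line number, stripped line) for every line matching a credential pattern."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if any(pat.search(line) for pat in CRED_PATTERNS):
            hits.append((name, lineno, line.strip()))
    return hits

def scan_repo(root):
    """Walk a checked-out tree and scan only known config file names, skipping .git internals."""
    root = Path(root)
    hits = []
    for path in root.rglob("*"):
        if path.is_file() and path.name in CONFIG_NAMES and ".git" not in path.parts:
            hits.extend(scan_text(str(path.relative_to(root)), path.read_text(errors="replace")))
    return hits

# Constructed sample resembling a PHP config that should never be committed to a public repo.
SAMPLE_CONFIG = """<?php
$config['db'] = array(
    'host'     => 'db.internal.example',
    'user'     => 'app_rw',
    'password' => 'S3cretExample!',
);
define('DB_HOST', 'db.internal.example');
"""

if __name__ == "__main__":
    for hit in scan_text("src/config/config.php", SAMPLE_CONFIG):
        print("credential-looking line: %s:%d  %s" % hit)
```

Run scan_repo(".") from a pre-commit hook or CI job and fail the build on any hit; real secrets belong in an environment variable or secret store, not in the tree.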
Copyright notice: reprints must credit the source, Feei@乌云 (WooYun)
Responses
Vendor response:
Severity: High
Vulnerability Rank: 20
Confirmed: 2015-08-03 16:36
Vendor reply:
Thank you, Feei; this was our oversight.
Latest status:
2015-08-03: Feei, may we ask which machine you connected to the MySQL server from? Thank you. We will fix this issue as soon as possible, thank you.