当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0146180

漏洞标题:荆楚网DNS域传送漏洞

相关厂商:荆楚网

漏洞作者: 风格

提交时间:2015-10-12 22:08

修复时间:2015-11-30 17:14

公开时间:2015-11-30 17:14

漏洞类型:重要敏感信息泄露

危害等级:低

自评Rank:2

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-10-12: 细节已通知厂商并且等待厂商处理中
2015-10-16: 厂商已经确认,细节仅向厂商公开
2015-10-26: 细节向核心白帽子及相关领域专家公开
2015-11-05: 细节向普通白帽子公开
2015-11-15: 细节向实习白帽子公开
2015-11-30: 细节向公众公开

简要描述:

荆楚网~全国重点新闻网站

详细说明:

nslookup
server ns2.cnhubei.com
ls cnhubei.com

漏洞证明:

默认服务器: dns2.cnhubei.com
Address: 219.140.171.198
> [dns2.cnhubei.com]
cnhubei.com. NS server = ns1.cnhubei.com
cnhubei.com. NS server = ns2.cnhubei.com
cnhubei.com. NS server = ns3.cnhubei.com
cnhubei.com. NS server = ns4.cnhubei.com
cnhubei.com. NS server = dns1.cnhubei.com
cnhubei.com. NS server = dns2.cnhubei.com
cnhubei.com. NS server = dns3.cnhubei.com
cnhubei.com. NS server = dns4.cnhubei.com
cnhubei.com. A 59.175.181.243
ay1 A 120.55.119.203
c10 A 27.17.49.10
c11 A 27.17.49.11
c12 A 27.17.49.12
c13 A 27.17.49.13
c14 A 27.17.49.14
c241 A 59.175.153.241
c242 A 59.175.153.242
c243 A 59.175.153.243
c244 A 59.175.153.244
c247 A 59.175.153.247
c248 A 59.175.153.248
c249 A 59.175.153.249
c250 A 59.175.153.250
c251 A 59.175.153.251
c252 A 59.175.153.252
c253 A 59.175.153.253
c254 A 59.175.153.254
c8 A 27.17.49.8
c9 A 27.17.49.9
cta106 A 61.183.205.106
cta107 A 61.183.205.107
cta108 A 61.183.205.108
cta113 A 61.183.205.113
cta114 A 59.175.181.250
cta119 A 61.183.205.119
cta120 A 61.183.205.120
cta121 A 61.183.205.121
dns1 A 59.175.181.230
dns2 A 219.140.171.198
dns3 A 113.57.131.198
dns4 A 59.175.153.243
ftp NS server = ns1.ftp.cnhubei.com
ftp NS server = ns2.ftp.cnhubei.com
ftp A 219.140.171.8
ns1.ftp A 219.140.171.82
ns2.ftp A 220.249.109.218
gt A 111.74.238.5
hbtc A 58.49.94.88
n62 A 202.103.41.62
ns1 A 59.175.181.230
ns2 A 219.140.171.198
ns3 A 113.57.131.198
ns4 A 59.175.153.243
nsbd A 125.46.11.161
s A 125.77.194.146
s100 A 27.17.40.100
s101 A 27.17.40.101
s102 A 27.17.40.102
s103 A 27.17.40.103
s104 A 27.17.40.104
s105 A 27.17.40.105
s106 A 27.17.40.106
s107 A 27.17.40.107
s108 A 27.17.40.108
s109 A 27.17.40.109
s110 A 27.17.40.110
s111 A 27.17.40.111
s112 A 27.17.40.112
s113 A 27.17.40.113
s114 A 27.17.40.114
s115 A 27.17.40.115
s116 A 27.17.40.116
s117 A 27.17.40.117
s118 A 27.17.40.118
s119 A 27.17.40.119
s121 A 27.17.40.121
s122 A 27.17.40.122
s123 A 27.17.40.123
s124 A 27.17.40.124
s125 A 27.17.40.125
s126 A 27.17.40.126
s228 A 59.175.181.228
s240 A 59.175.181.240
s66 A 27.17.40.66
s67 A 27.17.40.67
s68 A 27.17.40.68
s69 A 27.17.40.69
s70 A 27.17.40.70
s71 A 27.17.40.71
s72 A 27.17.40.72
s73 A 27.17.40.73
s74 A 27.17.40.74
s75 A 27.17.40.75
s76 A 27.17.40.76
s77 A 27.17.40.77
s78 A 27.17.40.78
s79 A 27.17.40.79
s81 A 27.17.40.81
s82 A 27.17.40.82
s83 A 27.17.40.83
s84 A 27.17.40.84
s85 A 27.17.40.85
s87 A 27.17.40.87
s89 A 27.17.40.89
s91 A 27.17.40.91
s92 A 27.17.40.92
s93 A 27.17.40.93
s98 A 27.17.40.98
s99 A 27.17.40.99
show A 59.175.153.95
vpn NS server = ns1.vpn.cnhubei.com
vpn NS server = ns2.vpn.cnhubei.com
vpn A 219.140.171.8
ns1.vpn A 219.140.171.82
ns2.vpn A 220.249.109.218

修复方案:

我也不懂

版权声明:转载请注明来源 风格@乌云

漏洞回应

厂商回应:

危害等级:中

漏洞Rank:10

确认时间:2015-10-16 17:12

厂商回复:

漏洞已修复,感谢!

最新状态:

暂无