当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0161270

漏洞标题:紫光股份某站命令执行可入内网(JAVA反序列化案例)

相关厂商:紫光股份

漏洞作者: 路人甲

提交时间:2015-12-14 18:09

修复时间:2016-01-28 17:10

公开时间:2016-01-28 17:10

漏洞类型:

危害等级:高

自评Rank:20

漏洞状态:未联系到厂商或者厂商积极忽略

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-12-14: 积极联系厂商并且等待厂商认领中,细节不对外公开
2016-01-28: 厂商已经主动忽略漏洞,细节向公众公开

简要描述:

紫光股份有限公司是信息电子产业的中国高科技A股上市公司(股票简称紫光股份,代码000938),由清华紫光(集团)总公司1999年发起设立。
紫光股份聚焦IT服务领域,着力打造“云—网—端”产业链,向云计算、移动互联网和大数据处理等行业应用全面深入,核心业务覆盖硬件、软件、技术服务,是集现代信息系统研发、建设、运营、维护于一体的全产业链服务提供商,能够为大型客户的信息化需求提供完整的IT服务。

详细说明:

1.png


从邮箱上看出确实为紫光股份的站点。
203.86.61.172

漏洞证明:

2.png


3.png


systeminfo

主机名:           UNIS-152
OS 名称:          Microsoft(R) Windows(R) Server 2003, Enterprise Edition
OS 版本:          5.2.3790 Service Pack 2 Build 3790
OS 制造商:        Microsoft Corporation
OS 配置:          独立服务器
OS 构件类型:      Multiprocessor Free
注册的所有人:     unis
注册的组织:       unisdigital
产品 ID:          69813-650-0022917-45670
初始安装日期:     2011-7-4, 20:55:34
系统启动时间:     30 天 9 小时 1 分 23 秒
系统制造商:       HP
系统型号:         ProLiant BL460c G7
系统类型:         X86-based PC
处理器:           安装了 8 个处理器。
                  [01]: x86 Family 6 Model 44 Stepping 2 GenuineIntel ~2400 Mhz
                  [02]: x86 Family 6 Model 44 Stepping 2 GenuineIntel ~2400 Mhz
                  [03]: x86 Family 6 Model 44 Stepping 2 GenuineIntel ~2400 Mhz
                  [04]: x86 Family 6 Model 44 Stepping 2 GenuineIntel ~2400 Mhz
                  [05]: x86 Family 6 Model 44 Stepping 2 GenuineIntel ~2400 Mhz
                  [06]: x86 Family 6 Model 44 Stepping 2 GenuineIntel ~2400 Mhz
                  [07]: x86 Family 6 Model 44 Stepping 2 GenuineIntel ~2400 Mhz
                  [08]: x86 Family 6 Model 44 Stepping 2 GenuineIntel ~2400 Mhz
BIOS 版本:        HP     - 2
Windows 目录:     C:\WINDOWS
系统目录:         C:\WINDOWS\system32
启动设备:         \Device\HarddiskVolume1
系统区域设置:     zh-cn;中文(中国)
输入法区域设置:   zh-cn;中文(中国)
时区:             (GMT+08:00) 北京,重庆,香港特别行政区,乌鲁木齐
物理内存总量:     6,134 MB
可用的物理内存:   4,584 MB
页面文件: 最大值: 12,090 MB
页面文件: 可用:   9,683 MB
页面文件: 使用中: 2,407 MB
页面文件位置:     C:\pagefile.sys
域:               WORKGROUP
登录服务器:       \\UNIS-152
修补程序:         安装了 558 个修补程序。
                  [01]: File 1
                  [02]: File 1
                  [03]: File 1
                  [04]: File 1
                  [05]: File 1
                  [06]: File 1
                  [07]: File 1
                  [08]: File 1
                  [09]: File 1
                  [10]: File 1
                  [11]: File 1
                  [12]: File 1
                  [13]: File 1
                  [14]: File 1
                  [15]: File 1
                  [16]: File 1
                  [17]: File 1
                  [18]: File 1
                  [19]: File 1
                  [20]: File 1
                  [21]: File 1
                  [22]: File 1
                  [23]: File 1
                  [24]: File 1
                  [25]: File 1
                  [26]: File 1
                  [27]: File 1
                  [28]: File 1
                  [29]: File 1
                  [30]: File 1
                  [31]: File 1
                  [32]: File 1
                  [33]: File 1
                  [34]: File 1
                  [35]: File 1
                  [36]: File 1
                  [37]: File 1
                  [38]: File 1
                  [39]: File 1
                  [40]: File 1
                  [41]: File 1
                  [42]: File 1
                  [43]: File 1
                  [44]: File 1
                  [45]: File 1
                  [46]: File 1
                  [47]: File 1
                  [48]: File 1
                  [49]: File 1
                  [50]: File 1
                  [51]: File 1
                  [52]: File 1
                  [53]: File 1
                  [54]: File 1
                  [55]: File 1
                  [56]: File 1
                  [57]: File 1
                  [58]: File 1
                  [59]: File 1
                  [60]: File 1
                  [61]: File 1
                  [62]: File 1
                  [63]: File 1
                  [64]: File 1
                  [65]: File 1
                  [66]: File 1
                  [67]: File 1
                  [68]: File 1
                  [69]: File 1
                  [70]: File 1
                  [71]: File 1
                  [72]: File 1
                  [73]: File 1
                  [74]: File 1
                  [75]: File 1
                  [76]: File 1
                  [77]: File 1
                  [78]: File 1
                  [79]: File 1
                  [80]: File 1
                  [81]: File 1
                  [82]: File 1
                  [83]: File 1
                  [84]: File 1
                  [85]: File 1
                  [86]: File 1
                  [87]: File 1
                  [88]: File 1
                  [89]: File 1
                  [90]: File 1
                  [91]: File 1
                  [92]: File 1
                  [93]: File 1
                  [94]: File 1
                  [95]: File 1
                  [96]: File 1
                  [97]: File 1
                  [98]: File 1
                  [99]: File 1
                  [100]: File 1
                  [101]: File 1
                  [102]: File 1
                  [103]: File 1
                  [104]: File 1
                  [105]: File 1
                  [106]: File 1
                  [107]: File 1
                  [108]: File 1
                  [109]: File 1
                  [110]: File 1
                  [111]: File 1
                  [112]: File 1
                  [113]: File 1
                  [114]: File 1
                  [115]: File 1
                  [116]: File 1
                  [117]: File 1
                  [118]: File 1
                  [119]: File 1
                  [120]: File 1
                  [121]: File 1
                  [122]: File 1
                  [123]: File 1
                  [124]: File 1
                  [125]: File 1
                  [126]: File 1
                  [127]: File 1
                  [128]: File 1
                  [129]: File 1
                  [130]: File 1
                  [131]: File 1
                  [132]: File 1
                  [133]: File 1
                  [134]: File 1
                  [135]: File 1
                  [136]: File 1
                  [137]: File 1
                  [138]: File 1
                  [139]: File 1
                  [140]: File 1
                  [141]: File 1
                  [142]: File 1
                  [143]: File 1
                  [144]: File 1
                  [145]: File 1
                  [146]: File 1
                  [147]: File 1
                  [148]: File 1
                  [149]: File 1
                  [150]: File 1
                  [151]: File 1
                  [152]: File 1
                  [153]: File 1
                  [154]: File 1
                  [155]: File 1
                  [156]: File 1
                  [157]: File 1
                  [158]: File 1
                  [159]: File 1
                  [160]: File 1
                  [161]: File 1
                  [162]: File 1
                  [163]: File 1
                  [164]: File 1
                  [165]: File 1
                  [166]: File 1
                  [167]: File 1
                  [168]: File 1
                  [169]: File 1
                  [170]: File 1
                  [171]: File 1
                  [172]: File 1
                  [173]: File 1
                  [174]: File 1
                  [175]: File 1
                  [176]: File 1
                  [177]: File 1
                  [178]: File 1
                  [179]: File 1
                  [180]: File 1
                  [181]: File 1
                  [182]: File 1
                  [183]: File 1
                  [184]: File 1
                  [185]: File 1
                  [186]: File 1
                  [187]: File 1
                  [188]: File 1
                  [189]: File 1
                  [190]: File 1
                  [191]: File 1
                  [192]: File 1
                  [193]: File 1
                  [194]: File 1
                  [195]: File 1
                  [196]: File 1
                  [197]: File 1
                  [198]: File 1
                  [199]: File 1
                  [200]: File 1
                  [201]: File 1
                  [202]: File 1
                  [203]: File 1
                  [204]: File 1
                  [205]: File 1
                  [206]: File 1
                  [207]: File 1
                  [208]: File 1
                  [209]: File 1
                  [210]: File 1
                  [211]: File 1
                  [212]: File 1
                  [213]: File 1
                  [214]: File 1
                  [215]: File 1
                  [216]: File 1
                  [217]: File 1
                  [218]: File 1
                  [219]: File 1
                  [220]: File 1
                  [221]: File 1
                  [222]: File 1
                  [223]: File 1
                  [224]: File 1
                  [225]: File 1
                  [226]: File 1
                  [227]: File 1
                  [228]: File 1
                  [229]: File 1
                  [230]: File 1
                  [231]: File 1
                  [232]: File 1
                  [233]: File 1
                  [234]: File 1
                  [235]: File 1
                  [236]: File 1
                  [237]: File 1
                  [238]: File 1
                  [239]: File 1
                  [240]: File 1
                  [241]: File 1
                  [242]: File 1
                  [243]: File 1
                  [244]: File 1
                  [245]: File 1
                  [246]: File 1
                  [247]: File 1
                  [248]: File 1
                  [249]: File 1
                  [250]: File 1
                  [251]: File 1
                  [252]: File 1
                  [253]: File 1
                  [254]: File 1
                  [255]: File 1
                  [256]: File 1
                  [257]: File 1
                  [258]: File 1
                  [259]: File 1
                  [260]: File 1
                  [261]: File 1
                  [262]: File 1
                  [263]: File 1
                  [264]: File 1
                  [265]: File 1
                  [266]: File 1
                  [267]: File 1
                  [268]: File 1
                  [269]: Q147222
                  [270]: KB2572069 - QFE
                  [271]: KB2604078 - QFE
                  [272]: KB2656358 - QFE
                  [273]: KB2656376 - QFE
                  [274]: KB2656376-v2 - QFE
                  [275]: KB2742604 - QFE
                  [276]: KB2894845 - QFE
                  [277]: KB2898860 - QFE
                  [278]: KB2901115 - QFE
                  [279]: KB2931352 - QFE
                  [280]: KB2972207 - QFE
                  [281]: KB2978114 - QFE
                  [282]: KB3023211 - QFE
                  [283]: KB3037572 - QFE
                  [284]: KB933854 - QFE
                  [285]: KB979907 - QFE
                  [286]: Q954430
                  [287]: Q973688
                  [288]: Q97368
网卡:             安装了 2 个 NIC。
                  [01]: HP NC553i Dual Port FlexFabric 10Gb Converged Network Adapter
                      连接名:      本地连接
                      启用 DHCP:   否
                      IP 地址
                      [01]: 172.16.32.150
                  [02]: HP NC553i Dual Port FlexFabric 10Gb Converged Network Adapter
                      连接名:      本地连接 2
                      状态:        媒体连接已中断

修复方案:

你们更专业~

版权声明:转载请注明来源 路人甲@乌云

漏洞回应

厂商回应:

未能联系到厂商或者厂商积极拒绝