乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2016-03-07: 细节已通知厂商并且等待厂商处理中 2016-03-11: 厂商已经确认,细节仅向厂商公开 2016-03-21: 细节向核心白帽子及相关领域专家公开 2016-03-31: 细节向普通白帽子公开 2016-04-10: 细节向实习白帽子公开 2016-04-25: 细节向公众公开
**.**.**.**/wscx/ 内蒙古巴彦淖尔市住房公积金系统存在weblogic反序列命令执行通过shell配置数据库发现大量公积金以及个人详细信息,详细的个人银行以及身份证件信息。涉及近百万人危害数据过大,截取部分作为证明
<url>jdbc:oracle:thin:@**.**.**.**:1521/orcl</url> <driver-name>oracle.jdbc.OracleDriver</driver-name> <properties> <property> <name>user</name> <value>wasys3_byne</value> </property> </properties> <password-encrypted>{AES}RN9auPQ2TstpoVFWGy4hnS/d8m5nHw1s4f7GWXq3jkE=</password-encrypted>wasoft2010
数据库配置
GZ_GR_HBJ 8010198CW_GR_PZ 4152085GD_DK_HK 2679081CW_GR_PZ_NCYE 1708912GD_DK_HK_BF 1494807GD_DK_YD_ZZ 1217702GZ_GR_JCHD 766151CW_DW_PZ 701470GZ_GR_ZZ_LSND 623604 60W个人信息GD_TX_HK 472573GD_TX_HK_YH 471759GD_DK_YH 318730T_WA_SYS_OPTLOG 223781GZ_GR_ZZ 170410GZ_GR_FZ 169732TMP_GZ_TABLE 152020GZ_GR_ZZ_0730 144993CW_LOAD_PZ_MX 144158CW_GR_PZ_0804 143130GZ_GR_ZZBG 108407GD_SQ_SQR 103144GZZGKLK 96003GD_TX_HK_YH_BK1 90150CW_BBDATA 87809CW_DW_PZ_0804 82218HH1 79286GD_TX_HK_BK1 73024GZ_GR_TQ 70889T_WA_SYS_LOG_ERR 67835CW_LOAD_PZ_FL 64536GD_SQ_DK 58506GD_SQ_SH 58502GD_DK_ZZ 58438GD_DK_FZZ 57825GD_SQ_JB 57184CW_DW_PZ_NCYE 44068GD_DK_ZZ_BF 43572GZ_GR_HBJ_DEL 42919ZH 42706GZ_DW_JCRD_DEPT 35827CW_GR_PZ_DEL 34394CW_PZ_FL 30700GZ_DW_JK 28803GZ_DW_JCRD 25960GD_DK_YQ 20706T_MK_SYS_WF_NODELOG 20569T_MK_SYS_WF_PROCESSLOG 17171GD_SH_YJ 12600T_MK_SYS_WF_OPINIONLOG 12345T_MK_SYS_WF_ROUTELOG 12345CW_PZ_ML 12213GZ_TX_ZJDZK_GRTS 11969T_MK_SYS_MESSAGES 9334GD_DK_HK_0729 9156HQZH 8835GD_DK_HK_0723 8740WXW_PK 8674GZ_GR_ZZ_JJNY 8669CW_KMYE 6981GZ_GR_TQCL 6761GD_DB_GRDB 6680GD_DB_ZYDB 6255GD_DK_HK_0722 5532CW_KMYE_SK 5437GD_DK_HK_0803 4927GZ_GR_FZBG 4698WXW_YQ 4532WXW_YQ_1 4504H_KK0726 4448T_MK_SYS_WF_FLOWLOG 4411GZ_WD_TQ_MYQK 4347GD_SQ_DB 3893GD_TX_HK_B 3688T_WA_SYS_CALLLOG 3188CW_DW_PZ_DEL 2719BM_A003 2593GD_XM_XKZ 2475GZ_DW_ZZ 2389GZ_DW_JZ 2325GZ_DW_JZ_LSND 2325GZ_DW_ZZ_LSND 2325TMP_CW_LOADPZML 2322GZ_GR_HB 2085GD_DK_BG 2009GZ_WD_GJTQ_MYQK 1747GZ_WD_GJTQ_MYQK_20130407 1747HQZH1 1462GZ_WD_GJTQ_MYQK_HJH20130225 1423GD_DK_HK_DEL 1382CW_PZ_FL_DEL 1354GZ_DW_BG 1321GZ_DW_JK_0806 1283CW_KMBM_SK 1248CW_KMBM 1248CW_KMBM_20130206 1248GD_DK_REPLOG 1206T_WA_SYS_BOCLOG 950T_MK_SYS_MODULE_ROLE 946T_MK_SYS_DICTIONARY_DATA 774HQZH_1 764BM_DKTJ 740GD_GRDKLL 690GD_SQ_SQR_DEL 687TMP_USERXX_TABLE 680GZ_GR_ZZBG_DEL 668T_WA_USERXXBG_LOG 652GZ_GR_TQCL_DEL 641GD_DB_GRDB_BG 628GD_DB_ZYDB_BG 610GZ_WD_YWRJ 600GZ_DW_JCRD_DEL 548HR_YG_SJQX_YH 515BM_A097 496HR_YG_SJQX_CBWD 488GZ_GR_ZR 484GD_WD_DK_MYQK 456LDH 452T_MK_SYS_ROLE_USER 430GD_SQ_SC 430BM_DKYWLC 392GD_XM_JB 385T_WA_SYS_HOLIDAY 366GZ_DW_JK_DEL 358T_WA_SYS_REPORT 354GZ_WD_TQ_QC 345GZ_GR_TQ_DEL 323GD_DK_BZJ_ZZ 319BM_XTCS_GZ 312GD_SFDW 303GD_DK_KKZHTZ 295BM_ZGBM 288GZ_WD_GJTQ_MYQK_1 262GZ_TX_ZJDZK_GRTS_20121204 260GZ_TX_ZJDZK_GRTS_TEMP 255TAB1 245HR_YG_SJQX_GJD 241TEMP_LMK1 237T_MK_SYS_DICTIONARY 232BM_XTCS_GD 216BM_KMDY_GZ 208BM_D006 184GD_XM_QYYH 163GD_DK_XXBG 147BM_TQCL 145BM_KMDY_GD 144WXW1 140
数据库结构
危害等级:中
漏洞Rank:8
确认时间:2016-03-11 13:43
漏洞重复,CNVD不在重复处置。
暂无