当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2012-06145

漏洞标题:冰动娱乐DNS域传送漏洞

相关厂商:上海冰动信息技术有限公司

漏洞作者: ReJeCt

提交时间:2012-04-18 16:19

修复时间:2012-06-02 16:20

公开时间:2012-06-02 16:20

漏洞类型:网络敏感信息泄漏

危害等级:中

自评Rank:10

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:


漏洞详情

披露状态:

2012-04-18: 细节已通知厂商并且等待厂商处理中
2012-04-18: 厂商已经确认,细节仅向厂商公开
2012-04-28: 细节向核心白帽子及相关领域专家公开
2012-05-08: 细节向普通白帽子公开
2012-05-18: 细节向实习白帽子公开
2012-06-02: 细节向公众公开

简要描述:

playcool.com DNS服务器(banana.playcool.com apple.playcool.com等)配置不当,导致所有域名dns泄露,因旗下有三款网络游戏,因此很有可能通过DNS域问题来间接获得更多敏感信息,渗透入内网。

详细说明:

漏洞证明:

> server apple.playcool.com
默认服务器: apple.playcool.com
Address: 122.226.192.1
> ls playcool.com
[apple.playcool.com]
playcool.com. A 122.226.192.57
playcool.com. NS server = date.playcool.com
playcool.com. NS server = apple.playcool.com
playcool.com. NS server = banana.playcool.com
activity A 220.181.2.93
activity A 220.181.2.94
ad A 10.2.3.13
apple A 122.226.192.1
banana A 123.129.231.129
bts A 114.80.81.27
bts0 A 122.226.192.54
bts1 A 122.226.192.54
c A 222.73.214.103
cas A 114.80.81.27
cas0 A 122.226.192.54
cas1 A 122.226.192.54
cas2 A 114.80.81.27
download.cnc A 123.129.231.130
download.cnc A 123.129.231.135
coconut A 222.73.214.1
update.ml.corp A 172.18.2.221
update2.ml.corp A 172.18.2.221
app.passport.corp A 172.18.2.137
db.passport.corp A 172.18.2.136
queue.passport.corp A 172.18.2.139
web.passport.corp A 172.18.2.138
phpq.corp A 122.226.192.57
pool.corp A 222.133.231.194
cs A 122.226.192.57
data A 10.2.1.22
date A 114.80.81.1
list.dd A 122.226.192.3
pingsite1.dd A 122.226.192.3
site1.dd A 122.226.192.3
ss.dd A 122.226.192.3
ver.dd A 122.226.192.3
dl A 122.226.192.57
download A 122.226.192.57
list.dtest A 122.226.192.3
patch.dtest A 122.226.192.3
pingsite3.dtest A 123.129.231.129
pingsite4.dtest A 122.226.192.3
site3.dtest A 123.129.231.236
site4.dtest A 122.226.192.108
ss.dtest A 122.226.192.3
uc.dtest A 122.226.192.2
ver.dtest A 122.226.192.3
esales A 114.80.81.6
ftp2 A 123.129.231.144
gcafe A 122.226.192.57
gm A 114.80.81.7
go A 122.226.192.96
admin.go A 122.226.192.97
hd A 122.226.192.101
hr A 122.226.192.69
ibdftp A 61.129.72.21
img A 122.226.192.57
junwangpayment A 114.80.81.6
kf A 122.226.192.57
launcher A 122.226.192.57
mail A 114.80.81.8
mail2 A 114.80.81.14
member A 114.80.81.27
mf A 122.226.192.14
ml A 122.226.192.57
launcher.a.ml A 122.226.192.3
list.a.ml A 122.226.192.3
patch.a.ml A 118.123.241.66
pingsite1.a.ml A 118.123.241.66
site1.a.ml A 118.123.241.122
ss.a.ml A 122.226.192.3
uc.a.ml A 118.123.241.66
ver.a.ml A 122.226.192.3
ad.ml A 122.226.192.57
app.ml A 122.226.192.57
bbs.ml A 122.226.192.57
dl.ml A 122.226.192.57
download1.ml A 122.226.192.3
download3.ml A 122.226.192.2
download3.ml A 122.226.192.3
engmtools.ml A 122.226.192.57
ftp.ml A 114.80.81.10
gbs.ml A 114.80.81.27
gmtools.ml A 10.65.0.251
hsupdate.ml A 122.226.192.3
jwj.ml A 122.226.192.57
nnsite1.ml A 122.226.192.125
nsite1.ml A 122.226.192.85
nsite2.ml A 122.226.192.51
nsite3.ml A 123.129.231.208
nsite4.ml A 122.226.192.25
cd.patch.ml A 118.123.241.78
cd.patch.ml A 118.123.241.79
cd.patch.ml A 118.123.241.80
cd.patch.ml A 118.123.241.81
pdt.ml A 122.226.192.57
pingnnsite1.ml A 122.226.192.3
pingnsite1.ml A 122.226.192.3
pingnsite2.ml A 122.226.192.3
pingnsite3.ml A 123.129.231.130
pingnsite4.ml A 122.226.192.3
pingsite1.ml A 122.226.192.57
pingsite2.ml A 122.226.192.57
pingsite3.ml A 123.129.231.130
quick.ml A 122.226.192.57
site3.ml A 123.129.231.236
update.ml A 122.226.192.57
usftp.ml A 114.80.81.10
xj.ml A 122.226.192.57
patch.xj.ml A 122.226.192.3
xsk.ml A 122.226.192.57
list.mltest A 122.226.192.3
pingsite1.mltest A 122.226.192.3
site1.mltest A 122.226.192.26
ss.mltest A 122.226.192.3
ver.mltest A 122.226.192.3
monitor A 10.2.1.22
netbar A 122.226.192.57
p A 122.226.192.57
ftp.partner A 61.152.145.111
passport A 114.80.81.27
app.passport A 10.10.10.102
db.passport A 10.1.3.200
queue.passport A 10.1.3.104
web1.passport A 10.1.3.101
pay A 114.80.81.27
service A 122.226.192.57
sinasms A 114.80.81.6
sj A 122.226.192.3
sj A 122.226.192.57
bbs.sj A 122.226.192.57
download.cnc.sj A 123.129.231.130
download.cnc.sj A 123.129.231.135
download1.cnc.sj A 123.129.231.130
download1.sj A 122.226.192.2
download2.sj A 122.226.192.3
cnc.gas.sj A 10.10.20.101
tel.gas.sj A 10.10.30.101
gas0.sj A 122.226.192.54
gas1.sj A 122.226.192.54
gbs.sj A 114.80.81.27
gbs0.sj A 122.226.192.54
gbs1.sj A 122.226.192.54
gds.sj A 114.80.81.27
gds0.sj A 122.226.192.54
gds1.sj A 122.226.192.54
0.log.sj A 10.68.10.128
1.log.sj A 10.68.11.119
10.log.sj A 10.68.1.119
2.log.sj A 10.68.11.119
3.log.sj A 10.68.13.119
4.log.sj A 10.68.1.119
5.log.sj A 10.68.1.119
6.log.sj A 10.68.3.119
7.log.sj A 10.68.11.119
8.log.sj A 10.68.15.119
9.log.sj A 10.68.16.119
b2.log.sj A 172.17.104.174
patch.sj A 122.226.192.2
patch.sj A 122.226.192.3
0.patch.sj A 122.226.192.2
0.patch.sj A 122.226.192.3
99.patch.sj A 122.226.192.2
99.patch.sj A 122.226.192.3
b1.patch.sj A 172.18.10.250
b2.patch.sj A 172.18.10.250
c1.patch.sj A 172.18.10.250
c2.patch.sj A 172.18.10.250
r1.patch.sj A 122.226.192.2
qy.sj A 122.226.192.54
download.tel.sj A 122.226.192.2
download.tel.sj A 122.226.192.3
sms A 172.18.2.143
static1 A 122.226.192.57
zabbix.techop A 172.18.10.250
tg A 122.226.192.50
time A 114.80.81.1
tracker A 122.226.192.121
tracker2 A 123.129.231.130
tracker3 A 122.226.192.2
ty NS server = ns1.ty.playcool.com
ty NS server = ns2.ty.playcool.com
ns1.ty A 122.226.192.98
ns2.ty A 122.226.192.99
ucenter A 122.226.192.57
forum.us A 114.80.81.123
uspass A 114.80.81.219
websg A 172.18.28.109
webtickets A 114.80.81.7
wh A 114.80.81.27
www A 122.226.192.57

修复方案:

找蓝翔专家吧

版权声明:转载请注明来源 ReJeCt@乌云


漏洞回应

厂商回应:

危害等级:中

漏洞Rank:10

确认时间:2012-04-18 16:53

厂商回复:

已经修复该安全漏洞。
非常感谢ReJeCt

最新状态:

暂无