当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2013-017919

漏洞标题:多友科技DNS域传送漏洞

相关厂商:多友科技(北京)有限公司

漏洞作者: txcbg

提交时间:2013-01-28 18:19

修复时间:2013-03-14 18:20

公开时间:2013-03-14 18:20

漏洞类型:系统/服务运维配置不当

危害等级:低

自评Rank:3

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:


漏洞详情

披露状态:

2013-01-28: 细节已通知厂商并且等待厂商处理中
2013-01-28: 厂商已经确认,细节仅向厂商公开
2013-02-07: 细节向核心白帽子及相关领域专家公开
2013-02-17: 细节向普通白帽子公开
2013-02-27: 细节向实习白帽子公开
2013-03-14: 细节向公众公开

简要描述:

看到是新来的 厂家,欢迎之余简单看了下问斩,发现了一点小安全问题——DNS域传送漏洞。

详细说明:

多友科技的DNS服务器ns.looyu.com配置不当,存在域传送漏洞,泄露敏感信息。

漏洞证明:

C:\>nslookup
*** Can't find server name for address 222.122.139.1: Non-existent domai
Default Server: UnKnown
Address: 222.122.139.1
> set type=n
unknown query type: n
> set type=ns
> www.looyu.com
Server: UnKnown
Address: 222.122.139.1
DNS request timed out.
timeout was 2 seconds.
*** Request to UnKnown timed-out
> www.looyu.com
Server: UnKnown
Address: 222.122.139.1
looyu.com
primary name server = ns.looyu.com
responsible mail addr = looyu.com
serial = 20121211
refresh = 28800 (8 hours)
retry = 7200 (2 hours)
expire = 2419200 (28 days)
default TTL = 86400 (1 day)
> server ns.looyu.com
Default Server: ns.looyu.com
Address: 60.28.217.4
> ls looyu.com
[ns.looyu.com]
looyu.com. A 42.121.17.160
looyu.com. NS server = ns.looyu.com
looyu.com. NS server = ns1.looyu.com
looyu.com. NS server = ns2.looyu.com
looyu.com. NS server = ns3.looyu.com
looyu.com. NS server = ns5.looyu.com
* A 50.19.17.188
51 A 60.28.217.86
51daifu A 60.28.217.4
51fund A 60.28.217.4
51pph A 60.28.217.86
5i5j A 60.28.217.86
95teleweb A 60.28.217.86
99jsw A 60.28.217.4
9diamond A 60.28.217.86
acgidd A 60.28.217.4
ag14 A 60.28.217.86
ali063 A 42.120.17.198
ali064 A 42.121.67.172
ali065 A 42.121.67.172
ali14 A 42.120.16.167
ali142 A 42.120.16.59
ali167 A 110.76.42.167
ali76 A 42.121.14.44
ali761 A 42.121.65.121
ana A 60.28.209.156
aopeng A 60.28.217.86
api A 60.28.217.13
bbs A 110.76.42.176
bdqn A 60.28.217.86
bnq A 60.28.217.4
boloni A 60.28.217.4
cfile A 60.28.217.10
cfile1 A 60.28.217.7
cfile1 A 60.28.220.186
chat A 60.28.217.86
chat10 A 60.28.217.10
chat11 A 60.28.217.11
chat156 A 60.28.209.156
chat27 A 60.28.217.26
chat7 A 60.28.217.26
chat70 A 60.28.217.70
chat71 A 60.28.217.71
chat72 A 60.28.217.72
chat76 A 60.28.217.76
cn A 60.28.217.86
console14 A 60.28.193.205
console5 A 60.28.193.205
console6 A 60.28.193.205
console75 A 60.28.193.205
debug A 202.85.220.253
download A 60.28.217.86
dxt076 A 110.76.42.176
elong A 60.28.217.86
email A 60.28.217.86
encrypt A 60.28.217.4
etian A 60.28.217.86
farmer A 60.28.217.13
file A 202.85.220.253
ftp A 60.28.193.204
gamfe A 60.28.217.86
goodbb A 60.28.217.4
hairsos A 60.28.217.86
htexam A 60.28.217.86
huatu A 60.28.217.86
hxsd A 60.195.248.35
hy020a A 110.76.42.167
hy021 A 110.76.42.167
hy030 A 110.76.42.17
hy030a A 110.76.42.17
ilidu A 60.28.217.4
j A 60.28.217.4
j1 A 60.28.217.4
j2 A 60.28.217.4
j3 A 60.28.217.4
j4 A 60.28.217.4
j5 A 60.28.217.4
j6 A 60.28.217.4
jhjy A 60.28.217.4
jhly A 60.28.217.86
jiachunbao A 60.28.217.4
jiayi A 60.28.217.4
js A 60.28.217.4
juneng A 60.28.217.4
juren A 60.28.217.86
kj-yy A 60.28.217.4
kuoda A 60.28.217.4
ld A 60.28.217.86
lgys A 60.28.217.86
m134 A 60.28.217.20
m136 A 60.28.193.136
m137 A 60.28.193.137
m138 A 60.28.193.138
m141 A 60.28.193.141
m148 A 60.28.193.148
m149 A 60.28.193.149
m151 A 60.28.193.151
m152 A 60.28.193.152
m153 A 60.28.193.153
m154 A 60.28.193.154
m155 A 60.28.193.155
m157 A 60.28.193.157
m182 A 60.28.220.182
m183 A 60.28.220.183
m184 A 60.28.220.184
m186 A 60.28.220.186
m188 A 60.28.220.188
mail A 110.76.42.176
mgr05 A 60.28.209.156
mgr06 A 60.28.209.156
mgr14 A 60.28.209.156
mgr76 A 60.28.209.156
michelin A 60.28.217.4
mjbl A 60.28.217.86
newpower A 60.28.217.4
ns A 60.28.217.4
ns1 A 60.28.193.141
ns2 A 58.83.209.100
ns3 A 61.151.247.166
ns5 A 58.83.209.100
nsfocus A 60.28.217.86
olzbw A 60.28.217.4
openlab A 60.28.217.86
pac071 A 222.126.246.252
payez A 60.28.217.4
postfixadmin A 110.76.42.176
proxy A 202.85.220.253
proxy1 A 60.28.193.141
proxy2 A 60.28.209.156
proxy3 A 42.121.65.121
proxy4 A 42.121.65.121
qide A 60.28.217.86
qnlxs A 60.28.217.4
secure A 60.28.217.4
sjs A 60.28.217.86
smpx A 60.28.217.86
status A 60.28.217.4
sunland A 60.28.217.4
sytq120 A 60.28.217.86
test A 42.121.15.136
update A 202.85.220.253
uuvisa A 60.28.217.4
wenc A 60.28.217.86
wmdl A 60.28.217.4
wooha A 60.28.217.86
www A 42.121.17.160
xagy A 60.28.217.86
xalx A 60.28.217.86
xdf A 60.28.217.86
xhce A 60.28.217.86
xrs A 60.28.217.86
xsledu A 60.28.217.4
yodak A 60.28.217.86
z8800 A 60.28.217.4
zm7 A 60.28.217.4
zz A 60.28.217.86


如图1。

1.jpg

修复方案:

更改DNS服务器配置。

版权声明:转载请注明来源 txcbg@乌云


漏洞回应

厂商回应:

危害等级:中

漏洞Rank:6

确认时间:2013-01-28 20:09

厂商回复:

感谢!

最新状态:

暂无