乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-06-22: 细节已通知厂商并且等待厂商处理中 2015-06-23: 厂商已经确认,细节仅向厂商公开 2015-07-03: 细节向核心白帽子及相关领域专家公开 2015-07-13: 细节向普通白帽子公开 2015-07-23: 细节向实习白帽子公开 2015-08-07: 细节向公众公开
搜狐畅游一处配置文件泄露7个数据库账号
http://74.201.81.139/WEB-INF/proxool.xmlhttp://74.201.81.139/WEB-INF/web.xml
对应域名是:
http://cas.us.changyou.com/
但只有通过IP访问可以直接下载配置文件。
<servlet><description>Changyou account center initialize servlet</description><display-name>InitChangyou</display-name><servlet-name>InitChangyou</servlet-name><servlet-class>com.changyou.servlet.InitChangyou</servlet-class><load-on-startup>2</load-on-startup></servlet>
<servlet-name>CAS Client Init</servlet-name><servlet-class>edu.yale.its.tp.cas.client.servlet.CASClientInit</servlet-class><init-param><param-name>edu.yale.its.tp.cas.server.casServerLoginUrl</param-name><param-value>http://cas.us.changyou.com/login</param-value></init-param><init-param><param-name>edu.yale.its.tp.cas.server.casServerValidateUrl</param-name><param-value>http://cas.us.changyou.com/serviceValidate</param-value></init-param><init-param><param-name>edu.yale.its.tp.cas.server.casServerLogoutUrl</param-name><param-value>http://account.us.changyou.com/logout</param-value></init-param><init-param><param-name>edu.yale.its.tp.cas.client.casClientServerName</param-name><param-value>account.us.changyou.com</param-value></init-param><init-param><param-name>edu.yale.its.tp.cas.client.casClientServerEncode</param-name><param-value>UTF-8</param-value></init-param><init-param><param-name>edu.yale.its.tp.cas.client.casClientGenerateSession</param-name><param-value>http://account.us.changyou.com/LoginGenerateSession</param-value></init-param>
泄露7个数据库账号:
<alias>app_user_center</alias><driver-url>jdbc:mysql://192.168.124.214:3306/gameuser?noAccessToProcedureBodies=true&useUnicode=true&characterEncoding=utf-8</driver-url><driver-class>com.mysql.jdbc.Driver</driver-class><driver-properties><property name="user" value="north_sde"/><property name="password" value="t2oSHiUDOvpuBHYRqzs84ir9HN0x/bIruxVkupcLAZg="/></driver-properties><alias>app_active</alias><driver-url>jdbc:mysql://192.168.124.214:3308/tlbb?noAccessToProcedureBodies=true&useUnicode=true&characterEncoding=utf-8</driver-url><driver-class>com.mysql.jdbc.Driver</driver-class><driver-properties><property name="user" value="active_user"/><property name="password" value="qww8jCs+fgJbpJ2+tellpSQo0ngTQAEEqt5687XBjtg="/></driver-properties><alias>recharge</alias><driver-url>jdbc:mysql://192.168.124.210:3307/xunxian_ims_en?noAccessToProcedureBodies=true&useUnicode=true&characterEncoding=utf-8</driver-url><driver-class>com.mysql.jdbc.Driver</driver-class><driver-properties><property name="user" value="xx_glbpoint_885"/><property name="password" value="zjYv0Da8fbtCe6LINlMj/er7Z762zMzHvyyiiQqs2Po="/></driver-properties><alias>web_service</alias><driver-url>jdbc:mysql://192.168.124.215:3306/csdb?noAccessToProcedureBodies=true&useUnicode=true&characterEncoding=utf-8</driver-url><driver-class>com.mysql.jdbc.Driver</driver-class><driver-properties><property name="user" value="csfw"/><property name="password" value="HKFQDtMKgzhDSEm1CW7sixoM/zxquY0woI93eV6Ju3g="/></driver-properties><alias>app_dj_active</alias><driver-url>jdbc:mysql://192.168.124.217:3308/sword2_inner?noAccessToProcedureBodies=true&useUnicode=true&characterEncoding=utf-8</driver-url><driver-class>com.mysql.jdbc.Driver</driver-class><driver-properties><property name="user" value="sw2in_acusr342"/><property name="password" value="Uhe8DZAx9fC1nC7C/oqsrHS+SPPnY5KF"/></driver-properties><alias>app_xx_active</alias><driver-url>jdbc:mysql://192.168.124.214:3308/xunxian?noAccessToProcedureBodies=true&useUnicode=true&characterEncoding=utf-8</driver-url><driver-class>com.mysql.jdbc.Driver</driver-class><driver-properties><property name="user" value="xx_actUser281"/><property name="password" value="exxRC3HrPAcX0hDzQxe2ZYjlA2XzujH2"/></driver-properties><alias>app_8bitFighter_active</alias><driver-url>jdbc:mysql://192.168.124.214:3308/tianguan?noAccessToProcedureBodies=true&useUnicode=true&characterEncoding=utf-8</driver-url><driver-class>com.mysql.jdbc.Driver</driver-class><driver-properties><property name="user" value="tg_actUser391"/><property name="password" value="tdMmeJlwpd4+llOay0E5awMwMJ2f2IPO"/></driver-properties>
禁止http访问
危害等级:中
漏洞Rank:5
确认时间:2015-06-23 06:55
已确认,正安排修复,非常感谢!
暂无