当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0160925

漏洞标题:北京市某能源监测系统命令执行getshell(root权限,多内网环境)

相关厂商:cncert国家互联网应急中心

漏洞作者: 路人甲

提交时间:2015-12-18 00:48

修复时间:2016-02-01 19:48

公开时间:2016-02-01 19:48

漏洞类型:命令执行

危害等级:高

自评Rank:15

漏洞状态:已交由第三方合作机构(cncert国家互联网应急中心)处理

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:


漏洞详情

披露状态:

2015-12-18: 细节已通知厂商并且等待厂商处理中
2015-12-22: 厂商已经确认,细节仅向厂商公开
2016-01-01: 细节向核心白帽子及相关领域专家公开
2016-01-11: 细节向普通白帽子公开
2016-01-21: 细节向实习白帽子公开
2016-02-01: 细节向公众公开

简要描述:

rt

详细说明:

**.**.**.**

2015-12-13 11:01:37屏幕截图.png

漏洞证明:

2015-12-13 11:02:27屏幕截图.png


eth0      Link encap:Ethernet  HWaddr C4:34:6B:AC:A2:8C  
inet addr:**.**.**.** Bcast:**.**.**.** Mask:**.**.**.**
inet6 addr: fe80::c634:6bff:feac:a28c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:106332729 errors:0 dropped:0 overruns:0 frame:0
TX packets:90802144 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1904373974 (1.7 GiB) TX bytes:1879415907 (1.7 GiB)
eth0:2 Link encap:Ethernet HWaddr C4:34:6B:AC:A2:8C
inet addr:**.**.**.** Bcast:**.**.**.** Mask:**.**.**.**
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
eth0:3 Link encap:Ethernet HWaddr C4:34:6B:AC:A2:8C
inet addr:**.**.**.** Bcast:**.**.**.** Mask:**.**.**.**
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
eth1 Link encap:Ethernet HWaddr C4:34:6B:AC:A2:8D
inet addr:**.**.**.** Bcast:**.**.**.** Mask:**.**.**.**
inet6 addr: fe80::c634:6bff:feac:a28d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:184072885 errors:0 dropped:0 overruns:0 frame:8
TX packets:156219578 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3145979549 (2.9 GiB) TX bytes:181612164 (173.1 MiB)
Interrupt:24 Memory:d0a50000-d0a60000
lo Link encap:Local Loopback
inet addr:**.**.**.** Mask:**.**.**.**
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:188842503 errors:0 dropped:0 overruns:0 frame:0
TX packets:188842503 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2861924135 (2.6 GiB) TX bytes:2861924135 (2.6 GiB)
peth0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:106406326 errors:0 dropped:0 overruns:0 frame:0
TX packets:143627290 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2350064672 (2.1 GiB) TX bytes:1613383663 (1.5 GiB)
Interrupt:23 Memory:d0a00000-d0a10000
vif0.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
inet6 addr: fe80::fcff:ffff:feff:ffff/64 Scope:Link
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:90802145 errors:0 dropped:0 overruns:0 frame:0
TX packets:106332729 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1879383491 (1.7 GiB) TX bytes:1904374134 (1.7 GiB)
virbr0 Link encap:Ethernet HWaddr 00:00:00:00:00:00
inet addr:**.**.**.** Bcast:**.**.**.** Mask:**.**.**.**
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:947 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:142531 (139.1 KiB)
xenbr0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:5333729 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:755557784 (720.5 MiB) TX bytes:0 (0.0 b)

修复方案:

版权声明:转载请注明来源 路人甲@乌云


漏洞回应

厂商回应:

危害等级:中

漏洞Rank:8

确认时间:2015-12-22 18:16

厂商回复:

漏洞重复,CNVD不在重复处置。

最新状态:

暂无