
Vulnerability summary

Defect ID: wooyun-2016-0166380

Title: Meilele home furnishing mall, Apache Solr unauthenticated access

Vendor: meilele.com

Author: 路人甲

Submitted: 2016-01-03 19:42

Fixed: 2016-02-12 18:49

Published: 2016-02-12 18:49

Vulnerability type: improper system/service operations configuration

Severity: Medium

Self-assessed Rank: 8

Status: confirmed by vendor

Source: http://www.wooyun.org; for questions or help, contact [email protected]



Vulnerability details

Disclosure status:

2016-01-03: Details sent to the vendor; awaiting vendor handling
2016-01-04: Vendor confirmed; details disclosed to the vendor only
2016-01-14: Details disclosed to core white hats and relevant domain experts
2016-01-24: Details disclosed to regular white hats
2016-02-03: Details disclosed to intern white hats
2016-02-12: Details disclosed to the public

Brief description:

As the title says.

Detailed description:

http://chat.meilele.com/solr/#/

[Screenshot: 20151231133733.png]

Proof of vulnerability:


Remediation:

I just want an invitation code.

Copyright notice: when reposting, credit the source 路人甲@乌云


Vulnerability response

Vendor response:

Severity: Low

Vulnerability Rank: 2

Confirmed: 2016-01-04 10:06

Vendor reply:

Thanks

Latest status:

None