乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2016-05-04: 细节已通知厂商并且等待厂商处理中 2016-05-06: 厂商已经确认,细节仅向厂商公开 2016-05-16: 细节向核心白帽子及相关领域专家公开 2016-05-26: 细节向普通白帽子公开 2016-06-05: 细节向实习白帽子公开 2016-06-20: 细节向公众公开
////
**.**.**.**:8000/logonAction.do
反序列getshell
**.**.**.**:8000/bea_wls_internal/1.jsp
买吗:
*****og*****
jdbc:
<url>jdbc:oracle:thin:@**.**.**.**:1521:orcl</url> <driver-name>oracle.jdbc.OracleDriver</driver-name> <properties> <property> <name>user</name> <value>crcc</value> </property> </properties> <password-encrypted>{AES}lByyoZxet2AR9oqf1ndaDaYREeJqMgoY20AaE8R9Vs8=</password-encrypted>
CRCC INDEXPAGESEQ_DAY 408014752CRCC T_WH_UGROUPMENU_CUSTOM 29736548CRCC T_WH_UGROUPMENU_BS 21183330CRCCTEST T_WH_UGROUPMENU_CUSTOM 17480015CRCCTEST T_WH_UGROUPMENU_BS 11605428CRCC JBPM_VARIABLEINSTANCE 8159257CRCC RECORD_BOSQL 5091170CRCC T_WH_USERMENU_CUSTOM 4324973CRCC T_WH_USERMENU_BS 3043405CRCCTEST T_WH_USERMENU_CUSTOM 2205642CRCCTEST T_WH_USERMENU_BS 1629821CRCCTEST JBPM_VARIABLEINSTANCE 1411872CRCC XTREC 1058414CRCC XTMODLOG 1058403CRCCTEST T_WH_UGROUPMENU_CUSTOM_110526 963491CRCC T_WH_UGROUPMENU_CUSTOM_110526 963491CRCCTEST INDEXPAGESEQ_DAY 736585CRCC JBPM_NODE 730969SYS SOURCE$ 658475CRCC JBPM_TRANSITION 633957CRCC T_WH_USERMENU_CUSTOM_20110930 588624CRCC JBPM_BYTEBLOCK 580688CRCC JBPM_TASK 498221CRCC JBPM_TASKINSTANCE 403947CRCC JBPM_MODULEDEFINITION 379854CRCC T_AUDIT_COMMENT 378890SYS WRH$_SYSSTAT 338821SYS WRI$_OPTSTAT_HISTGRM_HISTORY 300452CRCC SMS_OUTBOX_LOG 299305SYS WRH$_LATCH 290418SYS HISTGRM$ 287306SYS WRH$_SYSMETRIC_HISTORY 274760CRCC JBPM_BYTEARRAY 265213CRCC SBGZJHMX 261570CRCC MV_JHZXQK 261442CRCC HR_USERINFO 250604CRCC RECORD_XML 247087
更新补丁
危害等级:高
漏洞Rank:12
确认时间:2016-05-06 17:44
CNVD确认并复现所述情况,已由CNVD通过网站管理方公开联系渠道向其邮件通报,由其后续提供修复方案。
暂无