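Vulnerability Summary
Bug ID: WooYun-2016-186592
Title: Remote command execution on an Aluminum Corporation of China site leads into the large corporate intranet (SYSTEM privileges / 570 internal hosts / 8 domains / direct control of a domain controller)
Vendor: Aluminum Corporation of China (中国铝业公司)
Author: 路人甲
Submitted: 2016-03-19 21:40
Published: 2016-05-07 17:30
Vulnerability type: Command execution
Severity: High
Self-assessed Rank: 20
Status: Handed over to a third-party partner organization (CNCERT, National Internet Emergency Center) for handling
Source: www.wooyun.org; for questions or help, please contact
Tags: None
Vulnerability Details
Disclosure status:
2016-03-19: Details sent to the vendor; awaiting vendor handling
2016-03-23: Vendor confirmed; details disclosed to the vendor only
2016-04-02: Details disclosed to core white hats and experts in related fields
2016-04-12: Details disclosed to regular white hats
2016-04-22: Details disclosed to intern white hats
2016-05-07: Details disclosed to the public
Brief description:
RT (as the title says)
Detailed description:
Vulnerable site:
**.**.**.**:8880/
A Java remote command execution vulnerability exists on this host.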
Java Version: 1.6.0
Operate System: Windows Server 2008 R2
OS Version: 6.1
OS Architecture: amd64
Current Login User: SYSTEM
User Home Directory: C:/Windows/system32/config/systemprofile
User Current Directory: D:/IBM/WebSphere/AppServer/profiles/AppSrv01
Default Temporary Directory: C:/Windows/TEMP/
**.**.**.** Aluminum Corporation of China
Multiple domains
A large number of hosts and servers
主机名 . . . . . . . . . . . . . : GX-KM-SERV
主 DNS 后缀 . . . . . . . . . . . : gx.**.**.**.**
节点类型 . . . . . . . . . . . . : 混合
IP 路由已启用 . . . . . . . . . . : 否
WINS 代理已启用 . . . . . . . . . : 否
DNS 后缀搜索列表 . . . . . . . . : gx.**.**.**.**
**.**.**.**
以太网适配器 本地连接:
连接特定的 DNS 后缀 . . . . . . . :
描述. . . . . . . . . . . . . . . : Broadcom BCM5709C NetXtreme II GigE (NDIS VBD Client)
物理地址. . . . . . . . . . . . . : E4-1F-13-1E-5F-48
DHCP 已启用 . . . . . . . . . . . : 否
自动配置已启用. . . . . . . . . . : 是
本地链接 IPv6 地址. . . . . . . . : fe80::d102:f82e:dad6:933f%11(首选)
IPv4 地址 . . . . . . . . . . . . : **.**.**.**(首选)
子网掩码 . . . . . . . . . . . . : **.**.**.**
默认网关. . . . . . . . . . . . . : **.**.**.**
DHCPv6 IAID . . . . . . . . . . . : 249831187
DHCPv6 客户端 DUID . . . . . . . : 00-01-00-01-19-51-D0-73-E4-1F-13-1E-5F-48
DNS 服务器 . . . . . . . . . . . : ::1
**.**.**.**
主 WINS 服务器 . . . . . . . . . : **.**.**.**
辅助 WINS 服务器 . . . . . . . . : **.**.**.**
TCPIP 上的 NetBIOS . . . . . . . : 已启用
隧道适配器 isatap.{CDBB279F-3511-4FF5-85F3-2E0847CE408D}:
媒体状态 . . . . . . . . . . . . : 媒体已断开
连接特定的 DNS 后缀 . . . . . . . :
描述. . . . . . . . . . . . . . . : Microsoft ISATAP Adapter
物理地址. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP 已启用 . . . . . . . . . . . : 否
自动配置已启用. . . . . . . . . . : 是
隧道适配器 Teredo Tunneling Pseudo-Interface:
媒体状态 . . . . . . . . . . . . : 媒体已断开
连接特定的 DNS 后缀 . . . . . . . :
描述. . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
物理地址. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP 已启用 . . . . . . . . . . . : 否
自动配置已启用. . . . . . . . . . : 是
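Logged in directly to a server, which is moreover one of the domain controllers.
Proof of vulnerability:
Remediation:
Copyright notice: when reposting, please credit the source 路人甲@乌云
Vulnerability Response
Vendor response:
Severity: High
Vulnerability Rank: 11
Confirmed: 2016-03-23 17:30
Vendor reply:
CNVD confirmed and reproduced the situation described, and has passed it through CNCERT to the informatization authority for the energy sector, which will coordinate follow-up handling with the organization that operates the website.
Latest status:
None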