江泰保险某门户系统命令执行漏洞(影响内网安全)

  • 内容
  • 相关

漏洞详情

披露状态:

 

2016-05-08: 细节已通知厂商并且等待厂商处理中
2016-05-09: 厂商已经确认,细节仅向厂商公开
2016-05-19: 细节向核心白帽子及相关领域专家公开
2016-05-29: 细节向普通白帽子公开
2016-06-08: 细节向实习白帽子公开
2016-06-23: 细节向公众公开

简要描述:

 

详细说明:

http://218.241.156.10:7001/jtbx

j.png



j1.png

 

漏洞证明:

 

code 区域
Usage:
net rpc Run functions using RPC transport
net rap Run functions using RAP transport
net ads Run functions using ADS transport
net file Functions on remote opened files
net share Functions on shares
net session Manage sessions
net server List servers in workgroup
net domain List domains/workgroups on network
net printq Modify printer queue
net user Manage users
net group Manage groups
net groupmap Manage group mappings
net sam Functions on the SAM database
net validate Validate username and password
net groupmember Modify group memberships
net admin Execute remote command on a remote OS/2 server
net service List/modify running services
net password Change user password on target server
net changetrustpw Change the trust password
net changesecretpw Change the secret password
net setauthuser Set the winbind auth user
net getauthuser Get the winbind auth user settings
net time Show/set time
net lookup Look up host names/IP addresses
net g_lock Manipulate the global lock table
net join Join a domain/AD
net dom Join/unjoin (remote) machines to/from a domain/AD
net cache Operate on the cache tdb file
net getlocalsid Get the SID for the local domain
net setlocalsid Set the SID for the local domain
net setdomainsid Set domain SID on member servers
net getdomainsid Get domain SID on member servers
net maxrid Display the maximul RID currently used
net idmap IDmap functions
net status Display server status
net usershare Manage user-modifiable shares
net usersidlist Display list of all users with SID
net conf Manage Samba registry based configuration
net registry Manage the Samba registry
net eventlog Process Win32 *.evt eventlog files
net help Print usage information

 

修复方案:

 

版权声明:转载请注明来源 路人甲@乌云


漏洞回应

厂商回应:

危害等级:中

漏洞Rank:10

确认时间:2016-05-09 11:43

厂商回复:

最新状态:

暂无


本文标签:

版权声明:若无特殊注明,本文皆为《安三》原创,转载请保留文章出处。『鹦鹉搜索』

百度收录:百度未收录『点击提交』

本文链接:江泰保险某门户系统命令执行漏洞(影响内网安全) - https://www.15qq.cn/wooyun/490.html

发表评论

电子邮件地址不会被公开。 必填项已用*标注

未显示?请点击刷新

允许邮件通知