茅台电商网康网关设备存在多个漏洞(严重影响内网安全)

  • 内容
  • 相关

漏洞详情

披露状态:

 

2016-04-25: 细节已通知厂商并且等待厂商处理中
2016-04-25: 厂商已经确认,细节仅向厂商公开
2016-05-05: 细节向核心白帽子及相关领域专家公开
2016-05-15: 细节向普通白帽子公开
2016-05-25: 细节向实习白帽子公开
2016-06-09: 细节向公众公开

简要描述:

茅台电商网康网关设备存在多个漏洞(严重影响内网安全)

详细说明:

茅台财务公司网关系统,实际为网康的产品,存在多个远程高危漏洞

https://gmc.china-moutai.com/vpnweb/index.php?para=index



http://www.wooyun.org/corps/%E7%BD%91%E5%BA%B7%E7%A7%91%E6%8A%80

WooYun: 网康NS-ASG应用安全网关任意文件上传(无需登录)

WooYun: 网康 NS-ASG 应用安全网关SQL注入漏洞

漏洞证明:

 

code 区域
[*] 基本信息 [ 	Linux localhost.localdomain 2.6.26-lfs-prayfly-isc #8 SMP Wed Mar 21 20:47:38 CST 2012 i686(root) ]

[/Isc/third-party/httpd/htdocs/vpnweb/]$ /sbin/ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:10:F3:24:D2:60
inet addr:192.168.1.23 Bcast:0.0.0.0 Mask:255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Interrupt:16 Memory:fe6e0000-fe700000

eth1 Link encap:Ethernet HWaddr 00:10:F3:24:D2:61
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Interrupt:17 Memory:fe7e0000-fe800000

eth2 Link encap:Ethernet HWaddr 00:10:F3:24:D2:62
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Interrupt:18 Memory:fe8e0000-fe900000

eth3 Link encap:Ethernet HWaddr 00:10:F3:24:D2:63
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Interrupt:19 Memory:fe9e0000-fea00000

eth4 Link encap:Ethernet HWaddr 00:10:F3:24:D2:64
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Interrupt:16 Memory:feae0000-feb00000

eth5 Link encap:Ethernet HWaddr 00:10:F3:24:D2:65
inet addr:172.27.8.61 Bcast:0.0.0.0 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:345524388 errors:22 dropped:0 overruns:0 frame:22
TX packets:291680550 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2905934586 (2771.3 Mb) TX bytes:1494695066 (1425.4 Mb)
Interrupt:17 Memory:febe0000-fec00000

gre0 Link encap:UNSPEC HWaddr 00-00-00-00-17-59-00-00-00-00-00-00-00-00-00-00
NOARP MTU:1476 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

ip6tnl0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
NOARP MTU:1460 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:504113043 errors:0 dropped:0 overruns:0 frame:0
TX packets:504113043 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:630519569 (601.3 Mb) TX bytes:630519569 (601.3 Mb)

sit0 Link encap:UNSPEC HWaddr 00-00-00-00-94-25-00-00-00-00-00-00-00-00-00-00
NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

teql0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
NOARP MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:91153225 errors:0 dropped:8827 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:1 carrier:0
collisions:0 txqueuelen:500
RX bytes:2345603667 (2236.9 Mb) TX bytes:0 (0.0 b)

tun0:1412 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:172.27.212.1 P-t-P:172.27.212.1 Mask:255.255.255.0
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1

tunl0 Link encap:IPIP Tunnel HWaddr
NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

[/Isc/third-party/httpd/htdocs/vpnweb/]$

 

修复方案:

更新或者下线

版权声明:转载请注明来源 路人甲@乌云


漏洞回应

厂商回应:

危害等级:高

漏洞Rank:20

确认时间:2016-04-25 11:04

厂商回复:

感谢您的反馈,我们将尽快修复

最新状态:

暂无


本文标签:

版权声明:若无特殊注明,本文皆为《安三》原创,转载请保留文章出处。『鹦鹉搜索』

百度收录:百度已收录『查看详情』

本文链接:茅台电商网康网关设备存在多个漏洞(严重影响内网安全) - https://www.15qq.cn/wooyun/985.html

发表评论

电子邮件地址不会被公开。 必填项已用*标注

允许邮件通知