漏洞概要 关注数(0) 关注此漏洞
缺陷编号: WooYun-2010-00988
漏洞标题: 汽车之家DNS域传送问题
相关厂商: autohome.com.cn
漏洞作者: slashapp
提交时间: 2010-12-17
公开时间: 2010-12-17
漏洞类型: 网络敏感信息泄漏
危害等级: 低
自评Rank: 5
漏洞状态: 未联系到厂商或者厂商积极忽略
漏洞来源: http://www.wooyun.org
Tags标签: dns域传送 服务器配置失误 bind
漏洞详情
披露状态:
2010-12-17: 积极联系厂商并且等待厂商认领中,细节不对外公开
2010-12-17: 厂商已经主动忽略漏洞,细节向公众公开
简要描述:
域传送
漏洞证明:
> ls autohome.com.cn
[ns.autohome.com.cn]
autohome.com.cn. NS server = ns.autohome.com.cn
autohome.com.cn. NS server = ns1.autohome.com.c
autohome.com.cn. A 221.192.136.245
* A 221.192.136.245
2008 A 221.192.136.245
2sc A 221.192.136.250
33 A 221.192.136.100
331 A 221.192.136.100
4s A 221.192.136.246
4sb A 221.192.136.246
admin A 221.192.136.246
bj2008 A 221.192.136.250
caradmin A 221.192.136.246
cardx A 219.148.35.89
carshowroom A 114.255.58.169
carwt A 221.192.136.202
club A 221.192.136.44
comment A 221.192.136.4
csrtsmc A 219.141.178.17
data A 221.192.136.202
dealer A 221.192.136.250
edit A 221.192.136.68
group A 221.192.136.14
hr A 61.55.167.46
img1 A 221.192.136.195
index A 221.192.136.250
live A 221.192.136.61
live A 221.192.136.211
mail A 221.192.136.211
mall A 221.192.136.155
*.mall A 221.192.136.155
map A 221.192.136.250
ns A 219.148.35.81
ns1 A 221.192.136.179
play A 221.192.136.245
pv A 221.192.136.246
sendmail A 221.192.136.211
service A 221.192.136.68
*.service A 221.192.136.4
uploadmanage.service A 221.192.136.68
services A 221.192.136.50
so A 221.192.136.250
sou A 221.192.136.250
sp A 221.192.136.250
techblog A 221.192.136.184
test A 221.192.136.217
testcarshowroom A 114.255.58.169
topic A 221.192.136.250
tv A 221.192.136.170
ue A 221.192.136.155
v A 221.192.136.250
vhost A 221.192.136.19
vote A 221.192.136.245
wap A 221.192.136.217
www1 A 221.192.136.202
>修复方案:
找专家
版权声明:转载请注明来源 slashapp@乌云
漏洞回应
厂商回应:
未能联系到厂商或者厂商积极拒绝
漏洞评价:
对本漏洞信息进行评价,以更好的反馈信息的价值,包括信息客观性,内容是否完整以及是否具备学习价值
