Fw: [爆卦] 戶政系統被中國人發現4處SQL資料隱碼漏洞
※ [本文轉錄自 Gossiping 看板 #1MWyRjqP ]
作者: Telemachus (Evolution) 看板: Gossiping
標題: [爆卦] 戶政系統被中國人發現4處SQL漏洞
時間: Wed Dec 30 19:58:30 2015
來源:http://www.wooyun.org/bugs/wooyun-2015-0164499
[漏洞概要]
缺陷編號: WooYun-2015-164499
漏洞標題:台灣戶政事務所4處通用SQL注入漏洞(dba權限)
相關廠商:Hitcon台灣互聯網漏洞報告平台
漏洞作者:路人甲
提交時間:2015-12-25 13:50
公開時間:2016-03-28 18:31
漏洞類型:SQL注射漏洞
危害等級:高
漏洞狀態:已交由第三方合作機構(cncert國家互聯網應急中心)處理
漏洞來源:http://www.wooyun.org
Tags標籤:無
[漏洞詳情]
披露狀態:
2015-12-25:細節已通知廠商並且等待廠商處理中
2015-12-29:廠商已經確認,細節僅向廠商公開
簡要描述:台灣戶政事務所4處通用SQL注入漏洞(dba權限)
漏洞hash:d3e877cb217f3b11d801cab83878eefd
版權聲明:轉載請註明來源 路人甲@烏雲
[漏洞回應]
廠商回應:
危害等級:高
漏洞Rank:14
確認時間:2015-12-29 18:31
廠商回覆:CNVD確認並復現所述情況,已經轉由CNCERT向TWNCERT通報,由其後續協調網站管理單位處置.
最新狀態:暫無
--
★President Wisdom Examiner ▁▁▁▁▁▁▁▁▁▁▁▁▁▁▁╳
您的狀態設為「逃避現實」,您可以選擇河蟹真相,但人民將
知道您完全無能。
▁▁▁▁▁▁▁▁ ▁▁▁▁▁ ▁▁▁▁▁▁▁▁▁
▏ 河蟹資訊(C) ▏ ▏下台(X) ▏ ▏ 中南海說明(H) ▏
▇▇▇▇▇▇▇▇ ▇▇▇▇▇ ▇▇▇▇▇▇▇▇▇
--
※ 發信站: 批踢踢實業坊(ptt.cc), 來自: 114.47.180.116
※ 文章網址: https://www.ptt.cc/bbs/Gossiping/M.1451476717.A.D19.html
噓
12/30 19:59, , 1F
12/30 19:59, 1F
噓
12/30 19:59, , 2F
12/30 19:59, 2F
推
12/30 20:00, , 3F
12/30 20:00, 3F
→
12/30 20:00, , 4F
12/30 20:00, 4F
推
12/30 20:01, , 5F
12/30 20:01, 5F
→
12/30 20:01, , 6F
12/30 20:01, 6F
→
12/30 20:01, , 7F
12/30 20:01, 7F
推
12/30 20:01, , 8F
12/30 20:01, 8F
推
12/30 20:02, , 9F
12/30 20:02, 9F
推
12/30 20:02, , 10F
12/30 20:02, 10F
→
12/30 20:02, , 11F
12/30 20:02, 11F
推
12/30 20:02, , 12F
12/30 20:02, 12F
推
12/30 20:03, , 13F
12/30 20:03, 13F
→
12/30 20:04, , 14F
12/30 20:04, 14F
推
12/30 20:04, , 15F
12/30 20:04, 15F
→
12/30 20:06, , 16F
12/30 20:06, 16F
推
12/30 20:06, , 17F
12/30 20:06, 17F
→
12/30 20:06, , 18F
12/30 20:06, 18F
→
12/30 20:07, , 19F
12/30 20:07, 19F
推
12/30 20:07, , 20F
12/30 20:07, 20F
噓
12/30 20:07, , 21F
12/30 20:07, 21F
→
12/30 20:09, , 22F
12/30 20:09, 22F
推
12/30 20:09, , 23F
12/30 20:09, 23F
推
12/30 20:11, , 24F
12/30 20:11, 24F
→
12/30 20:11, , 25F
12/30 20:11, 25F
推
12/30 20:11, , 26F
12/30 20:11, 26F
推
12/30 20:15, , 27F
12/30 20:15, 27F
→
12/30 20:25, , 28F
12/30 20:25, 28F
→
12/30 20:26, , 29F
12/30 20:26, 29F
→
12/30 20:27, , 30F
12/30 20:27, 30F
推
12/30 20:28, , 31F
12/30 20:28, 31F
噓
12/30 20:28, , 32F
12/30 20:28, 32F
噓
12/30 20:42, , 33F
12/30 20:42, 33F
→
12/30 20:46, , 34F
12/30 20:46, 34F
→
12/30 20:47, , 35F
12/30 20:47, 35F
推
12/30 20:51, , 36F
12/30 20:51, 36F
推
12/30 21:14, , 37F
12/30 21:14, 37F
噓
12/30 22:16, , 38F
12/30 22:16, 38F
推
12/30 22:53, , 39F
12/30 22:53, 39F
推
12/31 01:53, , 40F
12/31 01:53, 40F
→
12/31 01:54, , 41F
12/31 01:54, 41F
→
12/31 01:54, , 42F
12/31 01:54, 42F
→
12/31 01:54, , 43F
12/31 01:54, 43F
推
12/31 10:41, , 44F
12/31 10:41, 44F
推
12/31 12:38, , 45F
12/31 12:38, 45F
推
12/31 13:03, , 46F
12/31 13:03, 46F
推
12/31 14:06, , 47F
12/31 14:06, 47F
推
12/31 14:50, , 48F
12/31 14:50, 48F
推
12/31 15:05, , 49F
12/31 15:05, 49F
推
12/31 15:37, , 50F
12/31 15:37, 50F
推
12/31 16:05, , 51F
12/31 16:05, 51F
→
12/31 16:06, , 52F
12/31 16:06, 52F
推
12/31 16:26, , 53F
12/31 16:26, 53F
推
12/31 17:00, , 54F
12/31 17:00, 54F
推
12/31 18:38, , 55F
12/31 18:38, 55F
推
12/31 21:24, , 56F
12/31 21:24, 56F
推
12/31 21:34, , 57F
12/31 21:34, 57F
→
12/31 21:37, , 58F
12/31 21:37, 58F
※ 發信站: 批踢踢實業坊(ptt.cc)
※ 轉錄者: Su22 (36.227.82.36), 12/31/2015 21:37:55
→
12/31 22:35, , 59F
12/31 22:35, 59F
推
01/01 13:25, , 60F
01/01 13:25, 60F
→
01/01 13:26, , 61F
01/01 13:26, 61F
推
01/01 14:58, , 62F
01/01 14:58, 62F
→
01/02 05:11, , 63F
01/02 05:11, 63F
推
01/02 12:52, , 64F
01/02 12:52, 64F