众至科技10月漏洞通告

  • 众至科技
    了解作者
  • Python
    开发工具
  • 32.6KB
    文件大小
  • zip
    文件格式
  • 0
    收藏次数
  • 5 积分
    下载积分
  • 0
    下载次数
  • 2022-12-06 02:36
    上传日期
众至科技发布10月漏洞通告,Apache Shiro RequestDispatcher 权限绕过漏洞,Apache Commons JXPath 存在代码执行漏洞
众至科技10月漏洞通告.zip
  • 众至科技10月漏洞通告
  • 众至科技发布漏洞通告-1014.docx
    33.7KB
内容介绍
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta charset="utf-8"> <meta name="generator" content="pdf2htmlEX"> <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"> <link rel="stylesheet" href="https://static.pudn.com/base/css/base.min.css"> <link rel="stylesheet" href="https://static.pudn.com/base/css/fancy.min.css"> <link rel="stylesheet" href="https://static.pudn.com/prod/directory_preview_static/638f0b1b35aa1e4b190857b6/raw.css"> <script src="https://static.pudn.com/base/js/compatibility.min.js"></script> <script src="https://static.pudn.com/base/js/pdf2htmlEX.min.js"></script> <script> try{ pdf2htmlEX.defaultViewer = new pdf2htmlEX.Viewer({}); }catch(e){} </script> <title></title> </head> <body> <div id="sidebar" style="display: none"> <div id="outline"> </div> </div> <div id="pf1" class="pf w0 h0" data-page-no="1"><div class="pc pc1 w0 h0"><img class="bi x0 y0 w1 h1" alt="" src="https://static.pudn.com/prod/directory_preview_static/638f0b1b35aa1e4b190857b6/bg1.jpg"><div class="c x0 y1 w2 h2"><div class="t m0 x1 h3 y2 ff1 fs0 fc0 sc0 ls0 ws0">&#12304;&#28431;&#27934;&#36890;&#21578;&#12305;&#24494;&#36719;<span class="_ _0"> </span><span class="ff2 sc1">10<span class="_ _0"> </span></span>&#26376;&#22810;&#20010;&#23433;&#20840;&#28431;&#27934;</div><div class="t m0 x2 h3 y3 ff2 fs0 fc0 sc1 ls0 ws0">1. <span class="ff1 sc0">&#28431;&#27934;&#27010;&#36848;</span></div><div class="t m0 x3 h3 y4 ff3 fs0 fc0 sc1 ls0 ws0">2022<span class="_ _0"> </span><span class="ff1">&#24180;<span class="_ _1"> </span></span>10<span class="_ _0"> </span><span class="ff1">&#26376;<span class="_ _0"> </span></span>11<span class="_ _1"> </span><span class="ff1">&#26085;&#65292;&#24494;<span class="_ _2"></span>&#36719;&#21457;&#24067;<span class="_ _2"></span>&#20102;<span class="_ _0"> </span></span>10<span class="_ _1"> </span><span class="ff1">&#26376;&#23433;&#20840;<span class="_ _2"></span>&#26356;&#26032;&#65292;<span class="_ _2"></span>&#27492;&#27425;&#26356;<span class="_ _2"></span>&#26032;&#20462;&#22797;<span class="_ _2"></span>&#20102;&#21253;&#25324;<span class="_ _3"> </span></span>2</div><div class="t m0 x1 h3 y5 ff1 fs0 fc0 sc1 ls0 ws0">&#20010;<span class="_ _4"> </span><span class="ff3">0<span class="_ _5"></span> <span class="_ _5"></span>day<span class="_ _4"> </span></span>&#28431;<span class="_ _6"> </span>&#27934;<span class="_ _6"> </span>&#22312;<span class="_ _6"> </span>&#20869;<span class="_ _0"> </span>&#30340;<span class="_ _4"> </span><span class="ff3">84<span class="_ _4"> </span></span>&#20010;<span class="_ _6"> </span>&#23433;<span class="_ _6"> </span>&#20840;<span class="_ _6"> </span>&#28431;<span class="_ _6"> </span>&#27934;<span class="_ _0"> </span>&#65288;<span class="_ _6"> </span>&#19981;<span class="_ _6"> </span>&#21253;<span class="_ _6"> </span>&#25324;<span class="_ _7"> </span><span class="ff3">10<span class="_ _4"> </span></span>&#26376;<span class="_ _4"> </span><span class="ff3">3<span class="_ _4"> </span></span>&#26085;<span class="_ _6"> </span>&#20462;<span class="_ _6"> </span>&#22797;<span class="_ _0"> </span>&#30340;<span class="_ _4"> </span><span class="ff3">12<span class="_ _4"> </span></span>&#20010;</div><div class="t m0 x1 h3 y6 ff3 fs0 fc0 sc1 ls0 ws0">Microsof<span class="_ _8"></span>t Edge<span class="_ _0"> </span><span class="ff1">&#28431;&#27934;&#65289;&#65292;&#20854;&#20013;&#26377;<span class="_ _0"> </span></span>13<span class="_ _0"> </span><span class="ff1">&#20010;&#28431;&#27934;&#35780;&#32423;&#20026;&#8220;&#20005;&#37325;&#8221;&#12290;</span></div><div class="t m0 x2 h3 y7 ff2 fs0 fc0 sc1 ls0 ws0">2. <span class="ff1 sc0">&#28431;&#27934;&#35814;&#24773;</span></div><div class="t m0 x3 h3 y8 ff1 fs0 fc0 sc1 ls0 ws0">&#26412;<span class="_ _9"> </span>&#27425;<span class="_ _9"> </span>&#21457;<span class="_ _9"> </span>&#24067;<span class="_ _9"> </span>&#30340;<span class="_ _9"> </span>&#23433;<span class="_ _9"> </span>&#20840;<span class="_ _9"> </span>&#26356;<span class="_ _9"> </span>&#26032;<span class="_ _9"> </span>&#28041;<span class="_ _9"> </span>&#21450;<span class="_ _a"> </span><span class="ff3">Active<span class="_ _4"> </span> <span class="_ _b"> </span>Dir<span class="_ _8"></span>ectory<span class="_ _4"> </span> <span class="_ _4"> </span>Domain</span></div><div class="t m0 x1 h3 y9 ff3 fs0 fc0 sc1 ls0 ws0">Services<span class="_ _c"> </span><span class="ff1">&#12289;<span class="_ _c"> </span></span>Azur<span class="_ _8"></span>e<span class="_ _c"> </span><span class="ff1">&#12289;<span class="_ _c"> </span></span>Micr<span class="_ _8"></span>osoft<span class="_ _d"> </span> <span class="_ _d"> </span>O&#58911;ce<span class="_ _c"> </span><span class="ff1">&#12289;<span class="_ _c"> </span></span>Micro<span class="_ _8"></span>soft<span class="_ _d"> </span> <span class="_ _e"> </span>O&#58911;ce</div><div class="t m0 x1 h3 ya ff3 fs0 fc0 sc1 ls0 ws0">ShareP<span class="_ _8"></span>oint<span class="ff1">&#12289;<span class="_ _f"></span></span>W<span class="_ _8"></span>indows<span class="_ _2"></span> <span class="_ _2"></span>Hyper<span class="_ _8"></span>-<span class="_ _10"></span>V<span class="_ _2"></span><span class="ff1">&#12289;<span class="_ _2"></span></span>Visual <span class="_ _2"></span>Studio<span class="_ _2"></span> Code<span class="_ _f"></span><span class="ff1">&#12289;<span class="_ _2"></span></span>Windows <span class="_ _2"></span>Active</div><div class="t m0 x1 h3 yb ff3 fs0 fc0 sc1 ls0 ws0">Director<span class="_ _8"></span>y<span class="_ _5"></span> <span class="_ _f"></span>Certi*cate<span class="_ _f"></span> <span class="_ _f"></span>Services<span class="_ _11"> </span><span class="ff1">&#12289;<span class="_ _11"></span></span>W<span class="_ _8"></span>indows<span class="_ _f"></span> <span class="_ _f"></span>Defender<span class="_ _11"> </span><span class="ff1">&#12289;<span class="_ _5"></span></span>Windows<span class="_ _f"></span> <span class="_ _f"></span>DHCP</div><div class="t m0 x1 h3 yc ff3 fs0 fc0 sc1 ls0 ws0">Client<span class="_ _e"> </span><span class="ff1">&#12289;<span class="_ _12"> </span></span>W<span class="_ _8"></span>indows<span class="_"> </span> <span class="_ _13"> </span>Gro<span class="_ _8"></span>up<span class="_"> </span> <span class="_ _13"> </span>P<span class="_ _8"></span>olicy<span class="_ _12"> </span><span class="ff1">&#12289;<span class="_ _e"> </span></span>Windows<span class="_ _3"> </span> <span class="_"> </span>K<span class="_ _8"></span>er<span class="_ _8"></span>nel<span class="_ _12"> </span><span class="ff1">&#12289;<span class="_ _e"> </span></span>Windows</div><div class="t m0 x1 h3 yd ff3 fs0 fc0 sc1 ls0 ws0">NTFS<span class="_ _14"> </span><span class="ff1">&#12289;<span class="_ _14"> </span></span>Windows<span class="_ _7"> </span> <span class="_ _15"> </span>NTLM<span class="_ _14"> </span><span class="ff1">&#12289;<span class="_ _16"> </span></span>W<span class="_ _8"></span>indows<span class="_ _15"> </span> <span class="_ _17"> </span>P<span class="_ _8"></span>oint-to<span class="_ _2"></span>-P<span class="_ _8"></span>oint<span class="_ _17"> </span> <span class="_ _17"> </span>T<span class="_ _18"></span>unneling</div><div class="t m0 x1 h3 ye ff3 fs0 fc0 sc1 ls0 ws0">Pr<span class="_ _8"></span>otocol<span class="ff1">&#12289;</span>Windows T<span class="_ _10"></span>CP/IP<span class="_ _0"> </span><span class="ff1">&#21644;<span class="_ _0"> </span></span>Windows W<span class="_ _8"></span>in32K<span class="_ _0"> </span><span class="ff1">&#31561;&#22810;&#20010;&#20135;&#21697;&#21644;&#32452;&#20214;&#12290;</span></div><div class="t m0 x3 h3 yf ff1 fs0 fc0 sc1 ls0 ws0">&#26412;<span class="_ _2"></span>&#27425;<span class="_ _f"></span>&#20462;<span class="_ _f"></span>&#22797;<span class="_ _f"></span>&#30340;<span class="_ _1"> </span><span class="ff3">84<span class="_ _3"> </span></span>&#20010;<span class="_ _2"></span>&#28431;<span class="_ _f"></span>&#27934;<span class="_ _f"></span>&#20013;<span class="_ _2"></span>&#65292;<span class="_ _f"></span><span class="ff3">39<span class="_ _3"> </span></span>&#20010;<span class="_ _2"></span>&#20026;<span class="_ _f"></span>&#25552;<span class="_ _2"></span>&#21462;<span class="_ _f"></span>&#28431;<span class="_ _f"></span>&#27934;<span class="_ _2"></span>&#65292;<span class="_ _f"></span><span class="ff3">20<span class="_ _3"> </span></span>&#20010;<span class="_ _2"></span>&#20026;<span class="_ _f"></span>&#36828;<span class="_ _f"></span>&#31243;<span class="_ _2"></span>&#20195;<span class="_ _f"></span>&#30721;<span class="_ _f"></span>&#25191;<span class="_ _2"></span>&#34892;<span class="_ _f"></span>&#28431;<span class="_ _f"></span>&#27934;</div></div></div><div class="pi" data-data='{"ctm":[1.611850,0.000000,0.000000,1.611850,0.000000,0.000000]}'></div></div> </body> </html>
评论
    相关推荐
    • 众至科技11月漏洞通告
      众至科技发布11月漏洞通告,OpenSSL缓冲区溢出漏洞,Atlassian Crowd and Crowd Data Center 权限绕过漏洞,Bitbucket Server and Data Center 远程命令执行漏洞
    • 360漏洞修复工具
      360安全卫士漏洞修复程序还是不错的,如果直接从360安全卫士中剥削出来,是不能自动升级漏洞数据库的。 也就是说,提取出来的版本,以后有新漏洞就扫描不到了新漏洞。当然,可以用360安全卫士更新漏洞数据库,再...
    • flash 漏洞修补
      Adobe Flash Player 9 .0.115 在播放恶意构造的swf时,会自动下载一个可执行文件并执行,而我拿到的...这个漏洞出现在Adobe Flash Player 9 .0.115和更早版本,此修补包包含Adobe flash 10,能修补 Adobe flash 9的漏洞
    • 漏洞赏金
      4)初学者的漏洞,中级和高级漏洞利用。 5)网络新闻和更新(2021-2022) 6)创意漏洞 7)白帽访谈 8)网络安全中的职业更新。 {{{{{------立即开始您的旅程... !!!!! -------------- -}}}}} OWASP十大漏洞(即将...
    • ecshop常见漏洞
      ECSHOP的配送地址页面网页没有验证地区参数的有效性,存在sql注入漏洞;ecshop的后台编辑文件/admin/affiliate_ck.php中,对输入参数auid未进行正确类型转义,导致整型注入的发生;ecshop的后台编辑文件/admin/...
    • PHP漏洞全解
      PHP漏洞全解(一)-PHP网站的安全性问题 PHP漏洞全解(二)-命令注入攻击 PHP漏洞全解(三)-客户端脚本植入 PHP漏洞全解(四)-xss跨站脚本攻击 PHP漏洞全解(五)-SQL注入攻击 PHP漏洞全解(六)-跨网站请求伪造 PHP漏洞全解...
    • 漏洞披露
      FireEye漏洞披露 该存储库详细说明了FireEye披露的漏洞。 这些漏洞是通过内部研究,通过红队评估或在野外使用而发现的。 可能会或可能不会提供概念证明(PoC)。
    • PHP漏洞全解
      10、文件上传漏洞(FileUploadAttack) 11、目录穿越漏洞(DirectoryTraversal) 12、远程文件包含攻击(RemoteInclusion) 13、动态函数注入攻击(DynamicVariableEvaluation) 14、URL攻击(URLattack) 15、表单提交欺骗...
    • 漏洞利用
      我在准备OSCE考试时编写的漏洞利用库。 应用 开发 教程 操作系统 类型 Vulnserver-LTER 不适用 Windows 7的 远程(SEH) Vulnserver-KSTET Windows 7的 远程(EIP) KarajaSoft SamiFTP 2.0.2 Windows XP SP3 ...
    • GaussDB_100_1.0.1-DATABASE-REDHAT-64bit.tar.gz
      guassdb100在redhat上安装包,单机部署的包,安装步骤请看我的文中介绍,经过大量实验搭建总结出来的文档