SQL injection in a Hubei provincial social security bureau site allows cross-database access and exposes citizens' information, including ID numbers, phone numbers and e-mail addresses

Vulnerability Summary

Defect ID: WooYun-2015-097966

Title: SQL injection in a Hubei provincial social security bureau site allows cross-database access and exposes citizens' information, including ID numbers, phone numbers and e-mail addresses

Vendor: snjrsj.gov.cn

Author: 路人甲

Submitted: 2015-02-24 12:17

Published: 2015-04-13 16:58

Type: SQL injection

Severity: High

Self-assessed Rank: 15

Status: Handed over to a third-party partner organization (CNCERT, the National Internet Emergency Center) for handling

Tags:

Vulnerability Details

Disclosure status:

2015-02-24: Details sent to the vendor; awaiting vendor handling
2015-03-02: Vendor confirmed; details disclosed to the vendor only
2015-03-12: Details disclosed to core white hats and relevant domain experts
2015-03-22: Details disclosed to regular white hats
2015-04-01: Details disclosed to intern white hats
2015-04-13: Details disclosed to the public

Brief description:

SQL injection in a Hubei provincial social security bureau site; cross-database access leaks the information of hundreds of thousands of citizens (and allows logging in to the back end with administrator privileges).

Detailed description:

SQL injection in a Hubei provincial social security bureau site; cross-database access leaks the information of hundreds of thousands of citizens, including ID numbers, phone numbers and e-mail addresses (and allows logging in to the back end with administrator privileges). Original post: http://**.**.**.**/bugs/wooyun-2015-097538. Only superficial handling was applied and the report was marked as ignored; on deeper digging, the vulnerability still exists and a large amount of sensitive information is reachable. Injection point: http://**.**.**.**/hbwzweb/html/hdjl/zxzx/zxzx_ckhf.shtml?zxlb=03

Multiple government websites across the province are affected:

Large amounts of citizen information (including ID numbers, phone numbers, etc.) are exposed:

There is much more, not listed here one by one (the enumeration output listing every schema and table in the Oracle instance is omitted).

Proof of vulnerability:

Demonstrated

Remediation:

Filter the input
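The one-word fix above is the whole remediation the report gives. As an added illustration that is not part of the report or the site's own code, here is what "filtering" a request parameter such as zxlb should look like in practice: the concatenated "before" form beside a hardened form that allowlists the category code and passes it as a bind variable. The table name, column names and sample rows are constructed, and sqlite3 stands in for the site's Oracle back end.

```python
import re
import sqlite3

# Constructed sample data standing in for the site's database; the table and
# column names are assumptions for this example, not taken from the report.
SAMPLE_ROWS = [
    ("03", "Zhang", "Reply to pension question"),
    ("03", "Li", "Reply to medical insurance question"),
    ("05", "Wang", "Reply to unemployment question"),
]

# The zxlb value seen in the report ("03") looks like a two-digit category
# code; treating that shape as the allowlist is an assumption made here.
ZXLB_PATTERN = re.compile(r"^[0-9]{2}$")


def build_db() -> sqlite3.Connection:
    """Create an in-memory table with the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE zxzx_replies (zxlb TEXT, name TEXT, reply TEXT)")
    conn.executemany("INSERT INTO zxzx_replies VALUES (?, ?, ?)", SAMPLE_ROWS)
    return conn


def replies_vulnerable(conn: sqlite3.Connection, zxlb: str) -> list:
    """'Before': the request parameter is spliced into the SQL text, so a
    quote character in it changes the structure of the query. This is the
    defect class the report describes."""
    sql = "SELECT name, reply FROM zxzx_replies WHERE zxlb = '" + zxlb + "'"
    return conn.execute(sql).fetchall()


def validate_zxlb(zxlb: str) -> str:
    """Allowlist check: accept only a two-digit category code, reject
    everything else before it gets anywhere near the database."""
    if not ZXLB_PATTERN.fullmatch(zxlb):
        raise ValueError("invalid zxlb category code")
    return zxlb


def replies_hardened(conn: sqlite3.Connection, zxlb: str) -> list:
    """'After': allowlist validation plus a bind variable. The value travels
    to the database as data and is never parsed as SQL, so even a value that
    slipped past validation could not alter the query."""
    code = validate_zxlb(zxlb)
    return conn.execute(
        "SELECT name, reply FROM zxzx_replies WHERE zxlb = ?", (code,)
    ).fetchall()


if __name__ == "__main__":
    db = build_db()
    print(replies_hardened(db, "03"))
```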

Vendor Response

Vendor response:

Severity: High

Rank: 15

Confirmed: 2015-03-02 09:02

Vendor reply:

Latest status:

None yet

Comments

  1. 2010-01-01 00:00 BMa (White hat | Rank: 1666 | Vulnerabilities: 121)

    Nicely done. If they won't fix it, keep digging.