2020-12-30 22:09:58 +01:00
|
|
|
|
[
|
2021-04-05 05:11:01 +02:00
|
|
|
|
{
|
|
|
|
|
|
"id": 243416592,
|
|
|
|
|
|
"name": "cve-2020-0688",
|
|
|
|
|
|
"full_name": "Ridter\/cve-2020-0688",
|
|
|
|
|
|
"owner": {
|
|
|
|
|
|
"login": "Ridter",
|
|
|
|
|
|
"id": 6007471,
|
|
|
|
|
|
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6007471?v=4",
|
|
|
|
|
|
"html_url": "https:\/\/github.com\/Ridter"
|
|
|
|
|
|
},
|
|
|
|
|
|
"html_url": "https:\/\/github.com\/Ridter\/cve-2020-0688",
|
|
|
|
|
|
"description": "cve-2020-0688",
|
|
|
|
|
|
"fork": false,
|
|
|
|
|
|
"created_at": "2020-02-27T02:54:27Z",
|
2021-08-27 17:13:57 +02:00
|
|
|
|
"updated_at": "2021-08-27T10:55:49Z",
|
2021-04-05 05:11:01 +02:00
|
|
|
|
"pushed_at": "2020-06-19T09:28:15Z",
|
2021-08-27 17:13:57 +02:00
|
|
|
|
"stargazers_count": 274,
|
|
|
|
|
|
"watchers_count": 274,
|
2021-08-17 11:12:41 +02:00
|
|
|
|
"forks_count": 93,
|
|
|
|
|
|
"forks": 93,
|
2021-08-27 17:13:57 +02:00
|
|
|
|
"watchers": 274,
|
2021-04-05 05:11:01 +02:00
|
|
|
|
"score": 0
|
|
|
|
|
|
},
|
2020-12-30 22:09:58 +01:00
|
|
|
|
{
|
|
|
|
|
|
"id": 243640997,
|
|
|
|
|
|
"name": "CVE-2020-0688",
|
|
|
|
|
|
"full_name": "righter83\/CVE-2020-0688",
|
|
|
|
|
|
"owner": {
|
|
|
|
|
|
"login": "righter83",
|
|
|
|
|
|
"id": 12727740,
|
2021-01-21 16:10:20 +01:00
|
|
|
|
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12727740?v=4",
|
2020-12-30 22:09:58 +01:00
|
|
|
|
"html_url": "https:\/\/github.com\/righter83"
|
|
|
|
|
|
},
|
|
|
|
|
|
"html_url": "https:\/\/github.com\/righter83\/CVE-2020-0688",
|
|
|
|
|
|
"description": "Exchange Scanner CVE-2020-0688",
|
|
|
|
|
|
"fork": false,
|
|
|
|
|
|
"created_at": "2020-02-27T23:55:04Z",
|
2021-03-11 22:09:25 +01:00
|
|
|
|
"updated_at": "2021-03-11T15:57:36Z",
|
2020-12-30 22:09:58 +01:00
|
|
|
|
"pushed_at": "2020-11-06T13:33:30Z",
|
2021-03-11 22:09:25 +01:00
|
|
|
|
"stargazers_count": 1,
|
|
|
|
|
|
"watchers_count": 1,
|
2020-12-30 22:09:58 +01:00
|
|
|
|
"forks_count": 2,
|
|
|
|
|
|
"forks": 2,
|
2021-03-11 22:09:25 +01:00
|
|
|
|
"watchers": 1,
|
2020-12-30 22:09:58 +01:00
|
|
|
|
"score": 0
|
|
|
|
|
|
},
|
2021-01-31 04:09:38 +01:00
|
|
|
|
{
|
|
|
|
|
|
"id": 243801603,
|
|
|
|
|
|
"name": "CVE-2020-0688-Scanner",
|
|
|
|
|
|
"full_name": "onSec-fr\/CVE-2020-0688-Scanner",
|
|
|
|
|
|
"owner": {
|
|
|
|
|
|
"login": "onSec-fr",
|
|
|
|
|
|
"id": 59887731,
|
|
|
|
|
|
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59887731?v=4",
|
|
|
|
|
|
"html_url": "https:\/\/github.com\/onSec-fr"
|
|
|
|
|
|
},
|
|
|
|
|
|
"html_url": "https:\/\/github.com\/onSec-fr\/CVE-2020-0688-Scanner",
|
|
|
|
|
|
"description": "Quick tool for checking CVE-2020-0688 on multiple hosts with a non-intrusive method.",
|
|
|
|
|
|
"fork": false,
|
|
|
|
|
|
"created_at": "2020-02-28T16:04:30Z",
|
2021-08-16 17:12:20 +02:00
|
|
|
|
"updated_at": "2021-08-16T12:49:13Z",
|
2021-06-01 11:11:51 +02:00
|
|
|
|
"pushed_at": "2021-06-01T07:36:53Z",
|
2021-08-16 17:12:20 +02:00
|
|
|
|
"stargazers_count": 36,
|
|
|
|
|
|
"watchers_count": 36,
|
|
|
|
|
|
"forks_count": 13,
|
|
|
|
|
|
"forks": 13,
|
|
|
|
|
|
"watchers": 36,
|
2021-01-31 04:09:38 +01:00
|
|
|
|
"score": 0
|
|
|
|
|
|
},
|
2021-06-29 05:11:17 +02:00
|
|
|
|
{
|
|
|
|
|
|
"id": 244149446,
|
|
|
|
|
|
"name": "CVE-2020-0688",
|
|
|
|
|
|
"full_name": "zcgonvh\/CVE-2020-0688",
|
|
|
|
|
|
"owner": {
|
|
|
|
|
|
"login": "zcgonvh",
|
|
|
|
|
|
"id": 25787677,
|
|
|
|
|
|
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25787677?v=4",
|
|
|
|
|
|
"html_url": "https:\/\/github.com\/zcgonvh"
|
|
|
|
|
|
},
|
|
|
|
|
|
"html_url": "https:\/\/github.com\/zcgonvh\/CVE-2020-0688",
|
|
|
|
|
|
"description": "Exploit and detect tools for CVE-2020-0688",
|
|
|
|
|
|
"fork": false,
|
|
|
|
|
|
"created_at": "2020-03-01T12:57:32Z",
|
2021-08-18 11:12:10 +02:00
|
|
|
|
"updated_at": "2021-08-18T04:31:56Z",
|
2021-06-29 05:11:17 +02:00
|
|
|
|
"pushed_at": "2020-03-21T05:44:48Z",
|
2021-08-18 11:12:10 +02:00
|
|
|
|
"stargazers_count": 297,
|
|
|
|
|
|
"watchers_count": 297,
|
2021-08-15 23:14:51 +02:00
|
|
|
|
"forks_count": 72,
|
|
|
|
|
|
"forks": 72,
|
2021-08-18 11:12:10 +02:00
|
|
|
|
"watchers": 297,
|
2021-06-29 05:11:17 +02:00
|
|
|
|
"score": 0
|
|
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
"id": 248554405,
|
|
|
|
|
|
"name": "CVE-2020-0688",
|
|
|
|
|
|
"full_name": "cert-lv\/CVE-2020-0688",
|
|
|
|
|
|
"owner": {
|
|
|
|
|
|
"login": "cert-lv",
|
|
|
|
|
|
"id": 22764485,
|
|
|
|
|
|
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22764485?v=4",
|
|
|
|
|
|
"html_url": "https:\/\/github.com\/cert-lv"
|
|
|
|
|
|
},
|
|
|
|
|
|
"html_url": "https:\/\/github.com\/cert-lv\/CVE-2020-0688",
|
|
|
|
|
|
"description": "Vulnerability scanner for CVE-2020-0688",
|
|
|
|
|
|
"fork": false,
|
|
|
|
|
|
"created_at": "2020-03-19T16:39:56Z",
|
2021-08-17 17:12:22 +02:00
|
|
|
|
"updated_at": "2021-08-17T14:49:53Z",
|
2021-06-29 05:11:17 +02:00
|
|
|
|
"pushed_at": "2020-03-19T16:41:39Z",
|
2021-08-17 17:12:22 +02:00
|
|
|
|
"stargazers_count": 7,
|
|
|
|
|
|
"watchers_count": 7,
|
2021-06-29 05:11:17 +02:00
|
|
|
|
"forks_count": 2,
|
|
|
|
|
|
"forks": 2,
|
2021-08-17 17:12:22 +02:00
|
|
|
|
"watchers": 7,
|
2021-06-29 05:11:17 +02:00
|
|
|
|
"score": 0
|
|
|
|
|
|
},
|
2021-04-05 05:11:01 +02:00
|
|
|
|
{
|
|
|
|
|
|
"id": 251646716,
|
|
|
|
|
|
"name": "CVE-2020-0688",
|
|
|
|
|
|
"full_name": "ravinacademy\/CVE-2020-0688",
|
|
|
|
|
|
"owner": {
|
|
|
|
|
|
"login": "ravinacademy",
|
|
|
|
|
|
"id": 62107070,
|
|
|
|
|
|
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62107070?v=4",
|
|
|
|
|
|
"html_url": "https:\/\/github.com\/ravinacademy"
|
|
|
|
|
|
},
|
|
|
|
|
|
"html_url": "https:\/\/github.com\/ravinacademy\/CVE-2020-0688",
|
|
|
|
|
|
"description": "Exploitation Script for CVE-2020-0688 \"Microsoft Exchange default MachineKeySection deserialize vulnerability\"",
|
|
|
|
|
|
"fork": false,
|
|
|
|
|
|
"created_at": "2020-03-31T15:29:52Z",
|
|
|
|
|
|
"updated_at": "2021-02-07T08:36:06Z",
|
|
|
|
|
|
"pushed_at": "2020-04-01T06:57:50Z",
|
|
|
|
|
|
"stargazers_count": 12,
|
|
|
|
|
|
"watchers_count": 12,
|
|
|
|
|
|
"forks_count": 9,
|
|
|
|
|
|
"forks": 9,
|
|
|
|
|
|
"watchers": 12,
|
|
|
|
|
|
"score": 0
|
|
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
"id": 253240950,
|
|
|
|
|
|
"name": "Exploit_CVE-2020-0688",
|
|
|
|
|
|
"full_name": "mahyarx\/Exploit_CVE-2020-0688",
|
|
|
|
|
|
"owner": {
|
|
|
|
|
|
"login": "mahyarx",
|
|
|
|
|
|
"id": 7817627,
|
|
|
|
|
|
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7817627?v=4",
|
|
|
|
|
|
"html_url": "https:\/\/github.com\/mahyarx"
|
|
|
|
|
|
},
|
|
|
|
|
|
"html_url": "https:\/\/github.com\/mahyarx\/Exploit_CVE-2020-0688",
|
|
|
|
|
|
"description": "CVE-2020-0688 \"Microsoft Exchange default MachineKeySection deserialize vulnerability\" ",
|
|
|
|
|
|
"fork": false,
|
|
|
|
|
|
"created_at": "2020-04-05T13:26:03Z",
|
2021-06-29 23:12:38 +02:00
|
|
|
|
"updated_at": "2021-06-29T18:02:11Z",
|
2021-04-05 05:11:01 +02:00
|
|
|
|
"pushed_at": "2020-04-05T13:33:10Z",
|
2021-06-29 23:12:38 +02:00
|
|
|
|
"stargazers_count": 2,
|
|
|
|
|
|
"watchers_count": 2,
|
|
|
|
|
|
"forks_count": 2,
|
|
|
|
|
|
"forks": 2,
|
|
|
|
|
|
"watchers": 2,
|
2021-04-05 05:11:01 +02:00
|
|
|
|
"score": 0
|
|
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
"id": 257824792,
|
|
|
|
|
|
"name": "CVE-2020-0688",
|
|
|
|
|
|
"full_name": "ktpdpro\/CVE-2020-0688",
|
|
|
|
|
|
"owner": {
|
|
|
|
|
|
"login": "ktpdpro",
|
|
|
|
|
|
"id": 17905484,
|
|
|
|
|
|
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17905484?v=4",
|
|
|
|
|
|
"html_url": "https:\/\/github.com\/ktpdpro"
|
|
|
|
|
|
},
|
|
|
|
|
|
"html_url": "https:\/\/github.com\/ktpdpro\/CVE-2020-0688",
|
|
|
|
|
|
"description": "PoC RCE Reverse Shell for CVE-2020-0688",
|
|
|
|
|
|
"fork": false,
|
|
|
|
|
|
"created_at": "2020-04-22T07:28:32Z",
|
2021-07-22 23:13:39 +02:00
|
|
|
|
"updated_at": "2021-07-22T16:34:53Z",
|
2021-04-05 05:11:01 +02:00
|
|
|
|
"pushed_at": "2020-04-22T01:09:27Z",
|
2021-07-22 23:13:39 +02:00
|
|
|
|
"stargazers_count": 3,
|
|
|
|
|
|
"watchers_count": 3,
|
2021-04-05 05:11:01 +02:00
|
|
|
|
"forks_count": 1,
|
|
|
|
|
|
"forks": 1,
|
2021-07-22 23:13:39 +02:00
|
|
|
|
"watchers": 3,
|
2021-04-05 05:11:01 +02:00
|
|
|
|
"score": 0
|
|
|
|
|
|
},
|
2021-02-20 22:08:14 +01:00
|
|
|
|
{
|
|
|
|
|
|
"id": 271748338,
|
|
|
|
|
|
"name": "cve-2020-0688-webshell-upload-technique",
|
|
|
|
|
|
"full_name": "w4fz5uck5\/cve-2020-0688-webshell-upload-technique",
|
|
|
|
|
|
"owner": {
|
|
|
|
|
|
"login": "w4fz5uck5",
|
|
|
|
|
|
"id": 32375656,
|
|
|
|
|
|
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32375656?v=4",
|
|
|
|
|
|
"html_url": "https:\/\/github.com\/w4fz5uck5"
|
|
|
|
|
|
},
|
|
|
|
|
|
"html_url": "https:\/\/github.com\/w4fz5uck5\/cve-2020-0688-webshell-upload-technique",
|
|
|
|
|
|
"description": "cve-2020-0688 UNIVERSAL Python implementation utilizing ASPX webshell for command output",
|
|
|
|
|
|
"fork": false,
|
|
|
|
|
|
"created_at": "2020-06-12T08:28:35Z",
|
2021-07-04 11:11:22 +02:00
|
|
|
|
"updated_at": "2021-07-04T07:09:59Z",
|
2021-02-20 22:08:14 +01:00
|
|
|
|
"pushed_at": "2020-07-16T10:42:27Z",
|
2021-07-04 11:11:22 +02:00
|
|
|
|
"stargazers_count": 15,
|
|
|
|
|
|
"watchers_count": 15,
|
2021-08-21 17:12:03 +02:00
|
|
|
|
"forks_count": 9,
|
|
|
|
|
|
"forks": 9,
|
2021-07-04 11:11:22 +02:00
|
|
|
|
"watchers": 15,
|
2021-02-20 22:08:14 +01:00
|
|
|
|
"score": 0
|
|
|
|
|
|
},
|
2021-05-16 05:15:46 +02:00
|
|
|
|
{
|
|
|
|
|
|
"id": 288177224,
|
|
|
|
|
|
"name": "CVE-2020-0688",
|
|
|
|
|
|
"full_name": "murataydemir\/CVE-2020-0688",
|
|
|
|
|
|
"owner": {
|
|
|
|
|
|
"login": "murataydemir",
|
|
|
|
|
|
"id": 16391655,
|
|
|
|
|
|
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4",
|
|
|
|
|
|
"html_url": "https:\/\/github.com\/murataydemir"
|
|
|
|
|
|
},
|
|
|
|
|
|
"html_url": "https:\/\/github.com\/murataydemir\/CVE-2020-0688",
|
|
|
|
|
|
"description": "[CVE-2020-0688] Microsoft Exchange Server Fixed Cryptographic Key Remote Code Execution (RCE)",
|
|
|
|
|
|
"fork": false,
|
|
|
|
|
|
"created_at": "2020-08-17T12:41:51Z",
|
2021-08-19 17:13:51 +02:00
|
|
|
|
"updated_at": "2021-08-19T10:39:41Z",
|
2021-05-16 05:15:46 +02:00
|
|
|
|
"pushed_at": "2020-08-29T21:00:56Z",
|
2021-08-19 17:13:51 +02:00
|
|
|
|
"stargazers_count": 4,
|
|
|
|
|
|
"watchers_count": 4,
|
2021-05-16 05:15:46 +02:00
|
|
|
|
"forks_count": 1,
|
|
|
|
|
|
"forks": 1,
|
2021-08-19 17:13:51 +02:00
|
|
|
|
"watchers": 4,
|
2021-05-16 05:15:46 +02:00
|
|
|
|
"score": 0
|
|
|
|
|
|
},
|
2021-05-15 05:11:14 +02:00
|
|
|
|
{
|
|
|
|
|
|
"id": 306497480,
|
|
|
|
|
|
"name": "ecp_slap",
|
|
|
|
|
|
"full_name": "zyn3rgy\/ecp_slap",
|
|
|
|
|
|
"owner": {
|
|
|
|
|
|
"login": "zyn3rgy",
|
|
|
|
|
|
"id": 73311948,
|
|
|
|
|
|
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73311948?v=4",
|
|
|
|
|
|
"html_url": "https:\/\/github.com\/zyn3rgy"
|
|
|
|
|
|
},
|
|
|
|
|
|
"html_url": "https:\/\/github.com\/zyn3rgy\/ecp_slap",
|
|
|
|
|
|
"description": "CVE-2020-0688 PoC",
|
|
|
|
|
|
"fork": false,
|
|
|
|
|
|
"created_at": "2020-10-23T01:18:13Z",
|
2021-06-03 05:11:51 +02:00
|
|
|
|
"updated_at": "2021-06-02T22:22:39Z",
|
|
|
|
|
|
"pushed_at": "2021-06-02T22:22:37Z",
|
2021-05-15 05:11:14 +02:00
|
|
|
|
"stargazers_count": 7,
|
|
|
|
|
|
"watchers_count": 7,
|
|
|
|
|
|
"forks_count": 1,
|
|
|
|
|
|
"forks": 1,
|
|
|
|
|
|
"watchers": 7,
|
|
|
|
|
|
"score": 0
|
|
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
"id": 308367304,
|
|
|
|
|
|
"name": "CVE-2020-0688-Scanner",
|
|
|
|
|
|
"full_name": "SLSteff\/CVE-2020-0688-Scanner",
|
|
|
|
|
|
"owner": {
|
|
|
|
|
|
"login": "SLSteff",
|
|
|
|
|
|
"id": 20557573,
|
|
|
|
|
|
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20557573?v=4",
|
|
|
|
|
|
"html_url": "https:\/\/github.com\/SLSteff"
|
|
|
|
|
|
},
|
|
|
|
|
|
"html_url": "https:\/\/github.com\/SLSteff\/CVE-2020-0688-Scanner",
|
|
|
|
|
|
"description": "Scans for Microsoft Exchange Versions with masscan",
|
|
|
|
|
|
"fork": false,
|
|
|
|
|
|
"created_at": "2020-10-29T15:16:24Z",
|
|
|
|
|
|
"updated_at": "2021-03-20T06:54:20Z",
|
|
|
|
|
|
"pushed_at": "2020-10-29T20:06:25Z",
|
|
|
|
|
|
"stargazers_count": 2,
|
|
|
|
|
|
"watchers_count": 2,
|
|
|
|
|
|
"forks_count": 0,
|
|
|
|
|
|
"forks": 0,
|
|
|
|
|
|
"watchers": 2,
|
|
|
|
|
|
"score": 0
|
|
|
|
|
|
},
|
2021-01-04 16:09:48 +01:00
|
|
|
|
{
|
|
|
|
|
|
"id": 326652424,
|
|
|
|
|
|
"name": "CVE-2020-0688",
|
2021-06-06 23:11:11 +02:00
|
|
|
|
"full_name": "MrTiz\/CVE-2020-0688",
|
2021-01-04 16:09:48 +01:00
|
|
|
|
"owner": {
|
2021-06-06 23:11:11 +02:00
|
|
|
|
"login": "MrTiz",
|
2021-01-04 16:09:48 +01:00
|
|
|
|
"id": 29025198,
|
2021-01-21 16:10:20 +01:00
|
|
|
|
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29025198?v=4",
|
2021-06-06 23:11:11 +02:00
|
|
|
|
"html_url": "https:\/\/github.com\/MrTiz"
|
2021-01-04 16:09:48 +01:00
|
|
|
|
},
|
2021-06-06 23:11:11 +02:00
|
|
|
|
"html_url": "https:\/\/github.com\/MrTiz\/CVE-2020-0688",
|
2021-01-04 16:09:48 +01:00
|
|
|
|
"description": "Remote Code Execution on Microsoft Exchange Server through fixed cryptographic keys",
|
|
|
|
|
|
"fork": false,
|
|
|
|
|
|
"created_at": "2021-01-04T10:48:40Z",
|
2021-07-13 05:11:40 +02:00
|
|
|
|
"updated_at": "2021-07-13T03:03:50Z",
|
2021-06-06 23:11:11 +02:00
|
|
|
|
"pushed_at": "2021-06-06T16:03:53Z",
|
2021-07-13 05:11:40 +02:00
|
|
|
|
"stargazers_count": 5,
|
|
|
|
|
|
"watchers_count": 5,
|
2021-03-15 16:09:38 +01:00
|
|
|
|
"forks_count": 2,
|
|
|
|
|
|
"forks": 2,
|
2021-07-13 05:11:40 +02:00
|
|
|
|
"watchers": 5,
|
2021-01-04 16:09:48 +01:00
|
|
|
|
"score": 0
|
2021-05-03 17:11:21 +02:00
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
"id": 363882684,
|
|
|
|
|
|
"name": "proxylogon",
|
|
|
|
|
|
"full_name": "ann0906\/proxylogon",
|
|
|
|
|
|
"owner": {
|
|
|
|
|
|
"login": "ann0906",
|
|
|
|
|
|
"id": 82447420,
|
|
|
|
|
|
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82447420?v=4",
|
|
|
|
|
|
"html_url": "https:\/\/github.com\/ann0906"
|
|
|
|
|
|
},
|
|
|
|
|
|
"html_url": "https:\/\/github.com\/ann0906\/proxylogon",
|
|
|
|
|
|
"description": "事件: 微軟(Microsoft)上周公布了修補遭到駭客攻擊的 Exchange Server 漏洞,全球恐有數萬個組織受到影響。網域與被入侵的Exchange郵件伺服器有關,而這臺伺服器後來被駭客當作C&C中繼站使用,導致接下來發生加密攻擊事故。 嚴重性: 全球企業普遍使用微軟生態系執行日常業務,若遭受駭客攻擊,將造成用戶機敏資料外洩並導致極大損失。雖然微軟已推出更新補釘,但阿戴爾強調這尚未去除儲存在受害伺服器內的後門殼層(webshell),因此就算尚未受到攻擊的企業可以免於被駭風險,駭客仍有時間入侵已被駭的伺服器留下「定時炸彈」。 從2020年開始,美國便不斷指控中國入侵多家醫藥公司及學術單位,試圖竊取疫苗研發機密,這次事件很可能將使中美之間的關係進一步惡化。至於華為、TikTok等中國服務是否會受到這次駭客事件波及,則暫時還不明朗。 漏洞通報程序: 在2年前,曾經拿下資安圈漏洞奧斯卡獎Pwnie Awards「最佳伺服器漏洞獎」戴夫寇爾首席資安研究員Orange Tsai(蔡政達),漏洞通報記錄不勝枚舉,後來因為針對企業常用的SSL VPN進行漏洞研究與通報,更是在全球資安圈聲名大噪。 不過,在今年3月2日卻發生讓Orange Tsai錯愕不已的事情。那就是,他在今年一月跟微軟通報的2個Exchange漏洞,微軟原訂在3月9日對外釋出修補程式,卻突然提前一週,在3月2日便緊急釋出修補程式。原來是因為,在2月26日到2月28日,這個週五下班後到週末這段期間,全球各地發生許多利用微軟Exchange漏洞發動攻擊的資安事件。 攻擊本質: 有人在網路上大量掃描微軟於本月修補的CVE-2020-0688安全漏洞,該漏洞攸關Microsoft Exchange伺服器,呼籲Exchange用戶應儘速修補。 CVE-2020-0688漏洞肇因於Exchange伺服器在安裝時沒能妥善建立唯一金鑰,將允許具備該知識及信箱的授權用戶以系統權限傳遞任意物件,屬於遠端程式攻擊漏洞,該漏洞影響Microsoft Exchange Server 2010 SP3、Microsoft Exchange Server 2013、Microsoft Exchange Server 2016與Microsoft Exchange Server 2019,但只被微軟列為重要(Important)等級的風險。",
|
|
|
|
|
|
"fork": false,
|
|
|
|
|
|
"created_at": "2021-05-03T09:44:25Z",
|
|
|
|
|
|
"updated_at": "2021-05-03T09:52:40Z",
|
|
|
|
|
|
"pushed_at": "2021-05-03T09:44:25Z",
|
|
|
|
|
|
"stargazers_count": 0,
|
|
|
|
|
|
"watchers_count": 0,
|
|
|
|
|
|
"forks_count": 0,
|
|
|
|
|
|
"forks": 0,
|
|
|
|
|
|
"watchers": 0,
|
|
|
|
|
|
"score": 0
|
2020-12-30 22:09:58 +01:00
|
|
|
|
}
|
|
|
|
|
|
]
|
