2012-07-13: 积极联系厂商并且等待厂商认领中,细节不对外公开 2012-08-27: 厂商已经主动忽略漏洞,细节向公众公开
巨鲸音乐网DNS域传送漏洞
www.top100.cn
> ls -d top100.cn [dns.top100.cn] top100.cn. SOA dns.top100.cn root.top100.cn. (2012040610 10800 900 604800 3600) top100.cn. NS dns.top100.cn top100.cn. NS dns2.top100.cn top100.cn. NS dns3.top100.cn top100.cn. A 211.151.228.41 top100.cn. A 211.151.228.42 top100.cn. AAAA ::1 top100.cn. MX 10 mx.sina.net 10155 A 59.151.24.137 12530 A 59.151.24.171 1M CNAME 1m.top100.ccgslb.net aac CNAME aac.top100.ccgslb.net act A 211.151.228.41 act A 211.151.228.42 ad A 59.151.24.179 api A 59.151.24.138 audio CNAME audio.top100.chinacache.net src.audio A 59.151.24.138 audio1 A 59.151.24.138 audio10 CNAME audio10.top100.ccgslb.net audio101 A 61.135.208.252 audio2 CNAME audio2.top100.cn.lxdns.com audio21 A 59.151.24.138 audio3 CNAME audio3.top100.chinacache.net audio31 A 121.9.245.61 audio31 A 202.108.251.165 audio31 A 202.108.251.167 audio4 CNAME audio4.top100.chinacache.net audio5 CNAME audio5.top100.cn.lxdns.com audio6 CNAME audio6.top100.chinacache.net audio7 CNAME audio7.top100.cn.lxdns.com audio8 CNAME audio8.top100.chinacache.net audio9 CNAME audio9.top100.ccgslb.net bbn A 59.151.24.180 beta A 59.151.24.171 bfvnet A 59.151.24.180 blog A 59.151.24.168 cdn A 59.151.24.165 cipod A 59.151.24.162 citiccard A 211.151.228.41 client A 59.151.24.184 client A 59.151.24.186 count A 211.151.228.41 count A 211.151.228.42 cqvnet A 59.151.24.180 dns A 59.151.111.148 dns2 A 59.151.24.188 dns3 A 59.151.24.187 download A 59.151.24.135 src.file A 59.151.24.138 file1 CNAME file1.top100.chinacache.net file10 CNAME file10.top100.cn.lxdns.com file11 CNAME file11.top100.cn.lxdns.com file12 CNAME file12.top100.chinacache.net file13 CNAME file13.top100.cn.lxdns.com file14 CNAME file14.top100.chinacache.net file15 CNAME file15.top100.chinacache.net file16 CNAME file16.top100.ccgslb.net file17 CNAME file17.top100.ccgslb.net file18 CNAME file18.top100.ccgslb.net file181 A 61.135.208.252 file19 CNAME file19.top100.ccgslb.net file191 A 61.135.208.252 file2 CNAME file2.top100.chinacache.net file3 CNAME file3.top100.chinacache.net file4 CNAME file4.top100.chinacache.net file5 CNAME file5.top100.chinacache.net file6 CNAME file6.top100.chinacache.net file7 CNAME file7.top100.chinacache.net file8 CNAME file8.top100.cn.lxdns.com file9 CNAME file9.top100.cn.lxdns.com fm A 59.151.24.168 ftp A 59.151.24.135 g CNAME g.top100.chinacache.net g1 A 59.151.24.170 game A 211.151.228.41 game A 211.151.228.42 gdclient A 218.77.120.89 ht A 59.151.24.162 hun A 218.77.120.89 hz A 211.151.228.41 hz A 211.151.228.42 image A 59.151.24.138 img1 CNAME img1.top100.ccgslb.com.cn img11 A 211.151.228.52 img2 CNAME img1.top100.ccgslb.com.cn img21 A 211.151.228.52 img3 CNAME img1.top100.ccgslb.com.cn img31 A 211.151.228.52 img5 CNAME img1.top100.ccgslb.com.cn img51 A 211.151.228.52 jjmanager A 211.151.228.52 kaixin001 CNAME partner.top100.cn label A 59.151.24.137 lenovo A 59.151.24.161 license A 59.151.24.134 lyric CNAME lyric.top100.chinacache.net lyric1 A 59.151.24.138 m A 59.151.24.182 max A 202.106.63.81 md A 59.151.24.136 orca.md A 59.151.24.135 md1 A 59.151.24.148 md2 A 59.151.24.135 mediago A 59.151.24.162 mobile A 59.151.24.180 moto A 59.151.24.181 mp4 CNAME mp4.top100.ccgslb.net music A 211.151.228.41 music A 211.151.228.42 tyt.music A 59.151.24.180 mv CNAME mv.top100.chinacache.net ok A 211.100.40.38 open A 59.151.24.184 open A 59.151.24.186 orcabox A 59.151.24.161 orcaclient A 59.151.24.139 original A 59.151.24.166 partner A 59.151.24.184 partner A 59.151.24.186 passport A 59.151.24.177 ph CNAME ph.top100.ccgslb.net pic CNAME lyric.top100.chinacache.net pic1 A 59.151.24.138 play A 59.151.24.176 ra A 59.151.24.176 real A 59.151.24.138 safari A 59.151.24.180 salestat A 59.151.24.162 samsung CNAME www.samsung.ccgslb.com.cn search A 59.151.24.165 smtp A 211.151.228.52 soft A 211.151.228.49 space A 211.151.228.41 space A 211.151.228.42 stat A 59.151.24.183 Steve-jobs A 211.151.228.41 Steve-jobs A 211.151.228.42 store A 59.151.24.163 stream A 59.151.24.136 stream1 A 59.151.24.148 stream2 A 59.151.24.135 su A 211.151.228.41 su A 211.151.228.42 super A 219.239.6.155 sx A 59.151.24.180 t A 59.151.24.185 tj10010 A 59.151.24.161 tjcnc A 59.151.24.180 tools A 59.151.24.171 uni A 59.151.24.180 urtracker A 219.239.6.149 user A 59.151.24.169 wap A 59.151.24.182 widget A 59.151.24.168 www A 211.151.228.41 www A 211.151.228.42 yc A 59.151.24.168 ycaudio CNAME ycaudio.top100.ccgslb.net zjvnet A 59.151.24.180 top100.cn. SOA dns.top100.cn root.top100.cn. (2012040610 10800 900 604800 3600)
修改安全设置
未能联系到厂商或者厂商积极拒绝
