RedHat Piranha Virtual Server包缺省账号和密码漏洞。

RedHat Piranha Virtual Server包缺省账号和密码漏洞。

漏洞ID 1105797 漏洞类型 配置错误
发布时间 2000-04-24 更新时间 2005-10-20
图片[1]-RedHat Piranha Virtual Server包缺省账号和密码漏洞。-安全小百科CVE编号 CVE-2000-0248
图片[2]-RedHat Piranha Virtual Server包缺省账号和密码漏洞。-安全小百科CNNVD-ID CNNVD-200004-065
漏洞平台 Linux CVSS评分 10.0
|漏洞来源
https://www.exploit-db.com/exploits/19879
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200004-065
|漏洞详情
RedHatLinuxPiranha包中的LinuxVirtualServer软件的web图形用户界面存在后门密码,远程攻击者可以利用这个漏洞执行任意指令。
|漏洞EXP
source: http://www.securityfocus.com/bid/1148/info

A default username and password has been discovered in the Piranha virtual server and load balancing package from RedHat. Version 0.4.12 of the piranha-gui program contains a default account, piranha, with the password 'q' (no quotes). Using this username and password, in conjunction with flaws in the passwd.php3 script (also part of piranha) will allow remote users to execute arbitrary commands on the machine.

The default username and password are piranha, and q, respectively.

Execute the following url, using the above information to authenticate: http://victim.example.com/piranha/secure/passwd.php3

Next, execute the following: http://victim.example.com/piranha/secure/passwd.php3?try1=g23+%3B+touch+%2Ftmp%2Fr00ted+%3B&try2=g23+%3B+touch+%2Ftmp%2Fr00ted+%3B&passwd=ACCEPT

This will touch a file in /tmp named r00ted. More complex attacks are certainly possible.
|参考资料

来源:ISS
名称:20000424BackdoorPasswordinRedHatLinuxVirtualServerPackage
链接:http://xforce.iss.net/alerts/advise46.php3

相关推荐: Microsoft Windows Unspecified Remote Arbitrary Code Execution Vulnerability

Microsoft Windows Unspecified Remote Arbitrary Code Execution Vulnerability 漏洞ID 1096183 漏洞类型 Unknown 发布时间 2005-08-01 更新时间 2005-08…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享