当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0130371

漏洞标题:铜板街某处弱口令导致信息泄露

相关厂商:tongbanjie.com

漏洞作者: Dr0pLe7

提交时间:2015-07-30 11:53

修复时间:2015-09-13 13:52

公开时间:2015-09-13 13:52

漏洞类型:服务弱口令

危害等级:中

自评Rank:10

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:


漏洞详情

披露状态:

2015-07-30: 细节已通知厂商并且等待厂商处理中
2015-07-30: 厂商已经确认,细节仅向厂商公开
2015-08-09: 细节向核心白帽子及相关领域专家公开
2015-08-19: 细节向普通白帽子公开
2015-08-29: 细节向实习白帽子公开
2015-09-13: 细节向公众公开

简要描述:

多好的设备也怕弱口令不是?

详细说明:

域名指向:
office.tongbanjie.com 122.224.137.178
ssh存在弱口令cisco:cisco enable密码:cisco

漏洞证明:

TBJ-ASA5520# show version
Cisco Adaptive Security Appliance Software Version 8.2(5)
Device Manager Version 6.4(5)
Compiled on Fri 20-May-11 16:00 by builders
System image file is "disk0:/asa825-k8.bin"
Config file at boot was "startup-config"
TBJ-ASA5520 up 46 days 9 hours
Hardware: ASA5520, 2048 MB RAM, CPU Pentium 4 Celeron 2000 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash Firmware Hub @ 0xffe00000, 1024KB
Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
Boot microcode : CN1000-MC-BOOT-2.00
SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.05
0: Ext: GigabitEthernet0/0 : address is d0d0.fd52.acf4, irq 9
1: Ext: GigabitEthernet0/1 : address is d0d0.fd52.acf5, irq 9
2: Ext: GigabitEthernet0/2 : address is d0d0.fd52.acf6, irq 9
3: Ext: GigabitEthernet0/3 : address is d0d0.fd52.acf7, irq 9
4: Ext: Management0/0 : address is d0d0.fd52.acf8, irq 11
5: Int: Not used : irq 11
6: Int: Not used : irq 5
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 150
Inside Hosts : Unlimited
Failover : Active/Active
VPN-DES : Enabled
VPN-3DES-AES : Enabled
Security Contexts : 2
GTP/GPRS : Disabled
SSL VPN Peers : 2
Total VPN Peers : 750
Shared License : Disabled
AnyConnect for Mobile : Disabled
AnyConnect for Cisco VPN Phone : Disabled
AnyConnect Essentials : Disabled
Advanced Endpoint Assessment : Disabled
UC Phone Proxy Sessions : 2
Total UC Proxy Sessions : 2
Botnet Traffic Filter : Disabled
This platform has an ASA 5520 VPN Plus license.
Serial Number: JMX17388017
Running Activation Key: 0x8705f55a 0x98000de9 0xb832a5e8 0xa6a45c0c 0x0f0f389b
Configuration register is 0x1
Configuration last modified by admin at 18:48:33.211 UTC Wed Jul 29 2015

修复方案:

改密码。

版权声明:转载请注明来源 Dr0pLe7@乌云


漏洞回应

厂商回应:

危害等级:中

漏洞Rank:5

确认时间:2015-07-30 13:52

厂商回复:

感谢您的报告。

最新状态:

暂无


漏洞评价:

评论