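Vulnerability Summary
Bug ID: wooyun-2016-0185940
Title: Weak SNMP password on a Baidu Lottery server
Vendor: Baidu
Author: Yeats
Submitted: 2016-03-21 10:10
Fixed: 2016-05-05 10:56
Published: 2016-05-05 10:56
Vulnerability type: Weak service password
Severity: Medium
Self-assessed Rank: 5
Status: Confirmed by the vendor
Source: http://www.wooyun.org (for questions or help, contact [email protected])
Tags: none
Vulnerability Details
Disclosure status:
2016-03-21: Details reported to the vendor; awaiting vendor handling
2016-03-21: Vendor confirmed; details disclosed to the vendor only
2016-03-31: Details disclosed to core white hats and experts in the relevant field
2016-04-10: Details disclosed to regular white hats
2016-04-20: Details disclosed to intern white hats
2016-05-05: Details disclosed to the public
Brief description:
A Baidu Lottery server has a weak SNMP password: the remote SNMP agent accepts the community string "public".
Detailed description: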
http://211.100.44.243/
C:\Users\think\Desktop\Tools>snmputil.exe walk 211.100.44.243 public .1.3.6.1.2.1.1
Variable = system.sysDescr.0
Value = String Linux lvs101 2.6.32-431.29.2.el6.x86_64 #1 SMP Tue Sep 9 21:36:05 UTC 2014 x86_64
Variable = system.sysObjectID.0
Value = ObjectID 1.3.6.1.4.1.8072.3.2.10
Variable = system.sysUpTime.0
Value = TimeTicks 3569603946
Variable = system.sysContact.0
Value = String Root <root@localhost> (configure /etc/snmp/snmp.local.conf)
Variable = system.sysName.0
Value = String lvs101
Variable = system.sysLocation.0
Value = String Unknown (edit /etc/snmp/snmpd.conf)
Variable = system.8.0
Value = TimeTicks 14
Variable = system.9.1.2.1
Value = ObjectID 1.3.6.1.6.3.11.2.3.1.1
Variable = system.9.1.2.2
Value = ObjectID 1.3.6.1.6.3.15.2.1.1
Variable = system.9.1.2.3
Value = ObjectID 1.3.6.1.6.3.10.3.1.1
Variable = system.9.1.2.4
Value = ObjectID 1.3.6.1.6.3.1
Variable = system.9.1.2.5
Value = ObjectID 1.3.6.1.2.1.49
Variable = system.9.1.2.6
Value = ObjectID 1.3.6.1.2.1.4
Variable = system.9.1.2.7
Value = ObjectID 1.3.6.1.2.1.50
Variable = system.9.1.2.8
Value = ObjectID 1.3.6.1.6.3.16.2.2.1
Variable = system.9.1.3.1
Value = String The MIB for Message Processing and Dispatching.
Variable = system.9.1.3.2
Value = String The MIB for Message Processing and Dispatching.
Variable = system.9.1.3.3
Value = String The SNMP Management Architecture MIB.
Variable = system.9.1.3.4
Value = String The MIB module for SNMPv2 entities
Variable = system.9.1.3.5
Value = String The MIB module for managing TCP implementations
Variable = system.9.1.3.6
Value = String The MIB module for managing IP and ICMP implementations
Variable = system.9.1.3.7
Value = String The MIB module for managing UDP implementations
Variable = system.9.1.3.8
Value = String View-based Access Control Model for SNMP.
Variable = system.9.1.4.1
Value = TimeTicks 14
Variable = system.9.1.4.2
Value = TimeTicks 14
Variable = system.9.1.4.3
Value = TimeTicks 14
Variable = system.9.1.4.4
Value = TimeTicks 14
Variable = system.9.1.4.5
Value = TimeTicks 14
Variable = system.9.1.4.6
Value = TimeTicks 14
Variable = system.9.1.4.7
Value = TimeTicks 14
Variable = system.9.1.4.8
Value = TimeTicks 14
End of MIB subtree.
Proof of vulnerability:
Service list:
* festival-speechtools-libs-1.2.96-18.el6
* freeipmi-1.2.1-6.el6_5
* kde-l10n-Chinese-4.3.4-5.el6
* module-init-tools-3.9-21.el6_4
* exiv2-libs-0.18.2-2.1.el6
* kdeartwork-screensavers-4.3.4-7.el6
* freeipmi-bmc-watchdog-1.2.1-6.el6_5
* mailcap-2.1.31-2.el6
* gstreamer-python-0.10.16-1.1.el6
* samba-winbind-clients-3.6.9-169.el6_5
* plymouth-scripts-0.8.3-27.el6.centos.1
* httpd-2.2.15-31.el6.centos
* geoclue-0.11.1.1-0.13.20091026git73b6729.el6
* system-config-date-1.9.60-2.el6.centos
* dbus-c++-0.5.0-0.10.20090203git13281b3.1.el6
* xorg-x11-fonts-misc-7.2-9.1.el6
* tar-1.23-11.el6
* strigi-libs-0.7.0-2.el6
* raptor-1.4.18-5.el6_2.1
* abrt-cli-2.0.8-21.el6.centos
* popt-1.13-7.el6
* mobile-broadband-provider-info-1.20100122-2.el6
* m17n-db-oriya-1.5.5-1.1.el6
* bison-2.4.1-5.el6
* plymouth-graphics-libs-0.8.3-27.el6.centos.1
* perf-2.6.32-431.29.2.el6
* libogg-1.1.4-2.1.el6
* notify-python-0.1.1-10.el6
Fix:
Disable the default password; shutting down the service also works.
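One way to check for the condition this fix addresses, as an added example that is not part of the original report: a small auditor that flags default community strings and unrestricted sources in a net-snmp snmpd.conf (the file named in the sysLocation value above). The sample configurations, the community string and the address 10.0.0.5 are constructed for illustration.

```python
DEFAULT_COMMUNITIES = {"public", "private"}      # well-known default strings
ANY_SOURCE = {"default", "0.0.0.0/0", "::/0"}    # net-snmp: "default" matches any address
COMMUNITY_DIRECTIVES = {"rocommunity", "rwcommunity", "rocommunity6", "rwcommunity6"}

def audit_snmpd_conf(text):
    """Return (line_no, directive, issue) tuples for risky SNMPv1/v2c access lines."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        tok = raw.split("#", 1)[0].split()        # drop comments, then tokenize
        if not tok:
            continue
        name = tok[0].lower()
        if name in COMMUNITY_DIRECTIVES and len(tok) >= 2:
            # rocommunity COMMUNITY [SOURCE [OID]]; a missing SOURCE means any host
            community = tok[1]
            source = tok[2] if len(tok) > 2 else "default"
            if name.startswith("rw"):
                findings.append((no, name, "community string grants write access"))
        elif name in ("com2sec", "com2sec6"):
            args = tok[1:]
            if args[:1] == ["-Cn"]:               # optional "-Cn CONTEXT" prefix
                args = args[2:]
            if len(args) < 3:
                continue
            source, community = args[1], args[2]  # com2sec SECNAME SOURCE COMMUNITY
        else:
            continue
        if community.lower() in DEFAULT_COMMUNITIES:
            findings.append((no, name, f"default community string '{community}'"))
        if source.lower() in ANY_SOURCE:
            findings.append((no, name, "no source address restriction"))
    return findings

# Constructed samples (not the reported host's configuration).
SAMPLE_WEAK = """\
# constructed weak configuration
com2sec notConfigUser default public
rwcommunity private
"""
SAMPLE_HARDENED = """\
# constructed hardened configuration: non-default string, one management host
rocommunity Zq7-constructed-example 10.0.0.5
"""

if __name__ == "__main__":
    for finding in audit_snmpd_conf(SAMPLE_WEAK):
        print(finding)
```

An empty result only means no default string or open source was found in the file; if SNMP is not needed on the host, stopping the service remains the simpler fix.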
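Copyright notice: when reposting, please credit the source Yeats@WooYun
Vulnerability Response
Vendor response:
Severity: Medium
Vulnerability Rank: 5
Confirmed: 2016-03-21 10:56
Vendor reply:
Thank you for your attention to Baidu security
Latest status:
None yet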