CVE-2019-5021: Hard-Coded NULL Root Password Found in Alpine Linux Docker Images
A Hard-Coded NULL root user password vulnerability was found in Alpine Linux Docker Images from December 2015’s 3.3 version onward. Users are encouraged to disable the root user, or any services that utilize the system shadow file as an authentication database.
Background
In November 2015, a bug in Alpine Linux Docker Images was patched to prevent the /etc/shadow file from accepting a NULL password for the root user. However, eight days later, an update was pushed to the Alpine Linux project that accidentally removed this fix. Since that time, all versions of Alpine Linux from 3.3 to 3.9 have accepted a NULL password for the root user if services like Linux PAM are running on the system, due to the usage of /etc/shadow as an authentication database.
Analysis
On May 8 2019, Cisco Talos published a disclosure for this vulnerability after reporting its findings to the Alpine Linux team. The root account is enabled by default and, unless the account is explicitly locked, affected versions will treat the root account as having a blank password.
Solution
Upgrading to the latest supported versions of Alpine Docker (3.6.5, 3.7.3, 3.8.4, 3.9.3, and edge) will fix this vulnerability.
Users are encouraged to completely disable the root account on all affected versions of Alpine Linux Docker images, if upgrading is not an option for you at this time. However, if your Alpine Linux assets aren’t using a service that treats the /etc/shadow file as a password database, this vulnerability is not exploitable even if the root account is enabled.
Identifying Affected Systems
For Tenable customers, due to the age and nature of this vulnerability, the Unpassworded 'root' Account plugin will flag any exploitable hosts without any updates or changes to the plugin. As always, we encourage customers to include the Default Unix Accounts family in their scans for configurations that contain blank or default passwords.
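The condition described in the Solution and Identifying Affected Systems sections above is a root entry in /etc/shadow whose password field is empty. The following POSIX sh script is an added example (not Tenable's plugin or Alpine's code) that checks a shadow file for such entries and shows what locking the account changes; the shadow contents are constructed sample data, not copied from a real image.

```shell
#!/bin/sh
# Constructed sample /etc/shadow. The root line mirrors the unlocked, empty
# password field that affected Alpine images shipped; other lines are made up.
SAMPLE_SHADOW="$(mktemp)"
cat > "$SAMPLE_SHADOW" <<'EOF'
root::18000:0:::::
bin:!::0:::::
daemon:!::0:::::
nobody:!::0:::::
app:$6$saltsalt$constructedhashvalue:18000:0:99999:7:::
EOF

# Print every account whose password field (field 2) is empty.
# "!" or "*" means locked; a hash means a password is set; empty means
# any service that authenticates against /etc/shadow accepts a blank password.
find_blank_passwords() {
    awk -F: '$2 == "" { print $1 }' "$1"
}

# Exit 0 if the root entry has an empty password field, 1 otherwise.
root_is_blank() {
    awk -F: '$1 == "root" && $2 == "" { found = 1 } END { exit found ? 0 : 1 }' "$1"
}

# Write a copy of the shadow file with root locked. Prefixing the password
# field with "!" is what "passwd -l root" does on a live system.
lock_root_in_copy() {
    awk -F: 'BEGIN { OFS = ":" } $1 == "root" && $2 == "" { $2 = "!" } { print }' "$1"
}

echo "Accounts with an empty password field:"
find_blank_passwords "$SAMPLE_SHADOW"
if root_is_blank "$SAMPLE_SHADOW"; then
    echo "root is unlocked with an empty password; on the affected host run: passwd -l root"
fi
```

Point the functions at a container's /etc/shadow (for example via `docker cp`) to audit an image before deciding between upgrading and locking root.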
Get More Information
Join the Tenable Security Response Team on the Tenable Community.
Learn more about Tenable, the first Cyber Exposure platform for holistic management of your modern attack surface. Get a free 60-day trial of Tenable.io Vulnerability Management.