当前位置:WooYun >> 漏洞信息

漏洞概要 关注数(24) 关注此漏洞

缺陷编号:wooyun-2015-0119852

漏洞标题:乐视网Docker WEB管理界面弱口令导致docker容器沦陷

相关厂商:乐视网

漏洞作者: zph

提交时间:2015-06-11 19:10

修复时间:2015-07-26 19:54

公开时间:2015-07-26 19:54

漏洞类型:后台弱口令

危害等级:高

自评Rank:15

漏洞状态:厂商已经确认

漏洞来源: http://www.wooyun.org,如有疑问或需要帮助请联系 [email protected]

Tags标签:

4人收藏 收藏
分享漏洞:

漏洞详情

披露状态:

2015-06-11: 细节已通知厂商并且等待厂商处理中
2015-06-11: 厂商已经确认,细节仅向厂商公开
2015-06-21: 细节向核心白帽子及相关领域专家公开
2015-07-01: 细节向普通白帽子公开
2015-07-11: 细节向实习白帽子公开
2015-07-26: 细节向公众公开

简要描述:

来个关于Docker的案例~

详细说明:

url:http://123.125.89.227:8080/
shipyard默认密码未修改:admin/shipyard

1.png


2.png


3.png


容器:

ID	Name	CPUs	Memory	State	Type
d41cb052aca9	10.160.140.32:5000/base-release:latest		2048 MB	running	
38cc9870feaa	10.160.140.32:5000/base-release:latest		2048 MB	running	
110a64c78b6d	10.160.140.32:5000/base-release:latest		2048 MB	running	
7c0f6b4323d3	10.160.140.32:5000/base-release:latest		2048 MB	running	
e6d47c8aaec1	10.160.140.32:5000/base-release:latest		2048 MB	running	
9829ca39e9a4	10.160.140.32:5000/base-release:latest		2048 MB	running	
1a68d70a3cd4	10.160.140.32:5000/base-release:latest		2048 MB	running	
f0b6cd6372e7	shipyard/shipyard-cli:latest		2048 MB	running	
dfaa1310351d	shipyard/shipyard:latest		2048 MB	running	
49c54d1cddc1	shipyard/rethinkdb:latest		2048 MB	running	
e7338916d358	10.160.140.32:5000/base-release:latest		2048 MB	running	
990f2cc79dd4	10.160.140.32:5000/base-release:latest		2048 MB	running	
fddbdcf169ca	ubuntu:14.04		2048 MB	running	
a5e1d29f0b2e	10.126.88.240:5000/letv-centos6:latest		2048 MB	running	
f91a9c9ed589	10.126.88.240:5000/letv-centos6:latest		2048 MB	running	
af25a535ef99	10.126.88.240:5000/letv-centos6:latest		2048 MB	running	
2d113c605a17	10.160.140.32:5000/base-release:latest		2048 MB	running	
d86c25ac5202	10.160.140.32:5000/base-release:latest		2048 MB	running	
f64f09be41eb	10.160.140.32:5000/base-release:latest		2048 MB	stopped	
c77237c97645	10.160.140.32:5000/base-release:latest		2048 MB	stopped	
e0b9b20adc57	10.160.140.32:5000/base-release:latest		2048 MB	running	
1888671935b7	10.160.140.32:5000/base-release:latest		2048 MB	running	
ac816d934b93	10.160.140.32:5000/base-release:latest		2048 MB	running	
24c6e3bd0568	10.160.140.32:5000/base-release:latest		2048 MB	running	
8b29001f2526	10.160.140.32:5000/base-release:latest		2048 MB	running	
4dfd461b85d7	8639568066a8		2048 MB	stopped	
9e2ac9d28316	10.160.140.32:5000/base-release:latest		2048 MB	running	
5e37f0da145c	c041175b1d1b		2048 MB	running	
3494968ab714	874a6de806e3		2048 MB	running	
86995f36c9de	874a6de806e3		2048 MB	stopped	
097f3f26b950	874a6de806e3		2048 MB	stopped	
8ec754f74f67	874a6de806e3		2048 MB	stopped	
7ed4328afcc7	4740c88b2633		2048 MB	stopped	
4e7c16bd4088	4740c88b2633		2048 MB	stopped	
bffde9231556	4740c88b2633		2048 MB	stopped	
3bd51721a791	4740c88b2633		2048 MB	stopped	
e64685bc6497	4740c88b2633		2048 MB	stopped	
47d67fe0c2df	093798067c73		2048 MB	stopped	
4adf421c1f11	10.160.140.32:5000/sdns-image:v0.1-beta-47-g75b0060		2048 MB	running	
8331a52843f3	10.160.140.32:5000/base-release:latest		2048 MB	running	
192c61b35dc8	10.160.140.32:5000/base-release:latest		2048 MB	running	
367bf37cbfe1	10.160.140.32:5000/base-release:latest		2048 MB	running	
826538e3c33b	10.160.140.32:5000/base-release:latest		2048 MB	running	
81b06adf7cdf	borja/unixbench:latest		2048 MB	stopped	
46bdd9c329d8	borja/unixbench:latest		2048 MB	stopped	
05e7c345daa2	10.160.140.32:5000/base-release:latest	0.96	256 MB	stopped	unique
7a5e284f1c92	10.160.140.32:5000/base-release:latest	0.96	256 MB	stopped	service
57252add87c8	10.160.140.32:5000/base-release:latest	0.96	256 MB	stopped	service
806d9277dc33	10.160.140.32:5000/base-release:latest		2048 MB	running	
e41f56772412	docker_index:latest		2048 MB	running	
a98bb094bc4f	dockerfile/redis:latest		2048 MB	running	
c0d21a2e9c43	registry:0.8.1		2048 MB	running


可create

4.png

漏洞证明:

1.png

修复方案:

修改弱口令,增强安全意识,没特殊必要的情况下平台不要对外网开放

版权声明:转载请注明来源 zph@乌云

漏洞回应

厂商回应:

危害等级:中

漏洞Rank:7

确认时间:2015-06-11 19:53

厂商回复:

感谢提交!是测试系统,目前已做下线处理。^_^

最新状态:

暂无