CVE-2019-5021: Hard-Coded NULL root Password Found in Alpine Linux Docker Images
A Hard-Coded NULL root user password vulnerability was found in Alpine Linux Docker Images from December 2015’s 3.3 version onward. Users are encouraged to disable the root user, or any services that utilize the system shadow file as an authentication database.
Background
In November 2015, a bug in Alpine Linux Docker Images was patched to prevent the /etc/shadow file from accepting a NULL password for the root user. However, eight days later, an update was pushed to the Alpine Linux project that accidentally removed this fix. Since that time, all versions of Alpine Linux from 3.3 to 3.9 have accepted a NULL password for the root user if services like Linux PAM are running on the system, due to the usage of /etc/shadow as an authentication database.
Analisi
On May 8 2019, Cisco Talos published a disclosure for this vulnerability after reporting its findings to the Alpine Linux team. The root account is enabled by default and, unless the account is explicitly locked, affected versions will treat the root account as having a blank password.
Solution
Upgrading to the latest supported versions of Alpine Docker (3.6.5, 3.7.3, 3.8.4, 3.9.3, and edge) will fix this vulnerability.
Users are encouraged to completely disable the root account on all affected versions of Alpine Linux Docker images, if upgrading is not an option for you at this time. However, if your Alpine Linux assets aren’t using a service that treats the /etc/shadow file as a password database, this vulnerability is not exploitable even if the root account is enabled.
Identifying affected systems
For Tenable customers, due to the age and nature of this vulnerability, the Unpassworded 'root' Account plugin will flag any exploitable hosts without any updates or changes to the plugin. As always, we encourage customers to include the Default Unix Accounts family in their scans for configurations that contain blank or default passwords.
Get more information
Join Tenable's Security Response Team on the Tenable Community.
Learn more about Tenable, the first Cyber Exposure platform for holistic management of your modern attack surface. Get a free 60-day trial of Tenable.io Vulnerability Management.
Articoli correlati
Cybersecurity Snapshot: Guide Unpacks Event-Logging Best Practices, as FAA Proposes Stronger Cyber Rules for Airplanes
August 23, 2024Looking to sharpen your team’s event logging and threat detection? A new guide offers plenty of best practices. Plus, the FAA wants airplanes to be more resilient to cyberattacks. Meanwhile, check out the critical vulnerabilities Tenable discovered in two Microsoft AI products. And get the latest on ransomware trends, vulnerability management practices and election security!
Detecting Risky Third-party Drivers on Windows Assets
August 7, 2024Kernel-mode drivers are critical yet risky components of the Windows operating system. Learn about their functionality, the dangers they pose, and how Tenable's new plugins can help identify and mitigate vulnerabilities using community-driven resources like LOLDrivers.
Never Trust User Inputs -- And AI Isn't an Exception: A Security-First Approach
August 6, 2024As AI transforms industries, security remains critical. Discover the importance of a security-first approach in AI development, the risks of open-source tools, and how Tenable's solutions can help protect your systems.
Cybersecurity Snapshot: Guide Unpacks Event-Logging Best Practices, as FAA Proposes Stronger Cyber Rules for Airplanes
August 23, 2024Looking to sharpen your team’s event logging and threat detection? A new guide offers plenty of best practices. Plus, the FAA wants airplanes to be more resilient to cyberattacks. Meanwhile, check out the critical vulnerabilities Tenable discovered in two Microsoft AI products. And get the latest on ransomware trends, vulnerability management practices and election security!
SSRFing the Web with the Help of Copilot Studio
August 20, 2024Tenable Research discovered a critical information-disclosure vulnerability in Microsoft’s Copilot Studio via a server-side request forgery (SSRF), which allowed researchers access to potentially sensitive information regarding service internals with potential cross-tenant impact.
Cybersecurity Snapshot: First Quantum-resistant Algorithms Ready for Use, While New AI Risks’ Database Is Unveiled
August 16, 2024NIST has released the first encryption algorithms that can protect data against quantum attacks. Plus, MIT launched a new database of AI risks. Meanwhile, the CSA published a paper outlining the unique risks involved in building systems that use LLMs. And get the latest on Q2’s most prevalent malware, the Radar/Dispossessor ransomware gang and CVE severity assessments!
- Threat Intelligence
- Threat Management
- Vulnerability Management
- Vulnerability Scanning