2025-04-03 Update From: SLTechnology News&Howtos
Shulou(Shulou.com)06/01 Report--
This article analyzes the remote code execution vulnerabilities in the Apache Guacamole gateway.
0x00 Vulnerability overview
On July 3, 2020, 360CERT monitoring found that Apache Guacamole had officially issued a risk notice for remote code execution in the Guacamole gateway. The vulnerabilities are tracked as CVE-2020-9497 and CVE-2020-9498, and the severity is rated medium.
Apache Guacamole contains memory leak (information disclosure) and memory corruption vulnerabilities. By compromising any remote server managed by Guacamole and getting Guacamole to connect to it, an attacker can gain full control of all remote desktop sessions between the Guacamole gateway and its connections (including, but not limited to, uploading and downloading arbitrary files on remote hosts and executing arbitrary programs or commands on any remote host).
360CERT recommends that users upgrade Apache Guacamole to 1.2.0 promptly, and also review their own assets and put preventive measures in place to avoid attacks.
0x01 Risk rating
360CERT's assessment of the vulnerability is as follows:
Assessment item: Level
Threat level: Medium risk
Impact surface: Limited
0x02 Vulnerability details
Apache Guacamole is a clientless remote desktop gateway based on HTML5 pages. It supports standard remote connection protocols such as VNC, RDP and SSH, which lets users reach internal hosts directly from the cloud.
The vulnerabilities below can be triggered only after an attacker has compromised an internal server managed by Guacamole; an attacker cannot harm Guacamole directly from outside.
CVE-2020-9497
Guacamole has a memory leak vulnerability in its handling of static virtual channel data. When Guacamole connects to the RDP client, if the attacker-controlled RDP client sends a specially crafted PDU (protocol data unit), data from Guacamole's memory is sent to the connected attacker-controlled RDP client.
CVE-2020-9498
Guacamole has a memory corruption vulnerability in its handling of static virtual channel data pointers. When Guacamole connects to the RDP client, if the attacker-controlled RDP client sends a specially crafted PDU (protocol data unit), the attacker can execute arbitrary code in Guacamole's guacd process and, in turn, take over all remote desktop sessions managed by Guacamole.
0x03 Affected versions
Apache Guacamole: < 1.2.0
0x04 Remediation recommendations
General patching recommendation:
Upgrade to Apache Guacamole version 1.2.0, which can be downloaded from:
http://guacamole.apache.org/releases/
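For the asset self-examination recommended above, the following added example (not code from 360CERT or the Apache project) checks collected guacd version strings against the "< 1.2.0" criterion. The function names, hostnames, and the sample banner text are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example, not 360CERT or Apache code. Inventory data is constructed.
FIX_MAJOR=1; FIX_MINOR=2; FIX_PATCH=0   # 1.2.0, the fixed release per the advisory

# Print the first X.Y or X.Y.Z in "$1"; suffixes such as "-RC1" are ignored.
extract_version() {
    printf '%s\n' "$1" |
        sed -n 's/^[^0-9]*\([0-9][0-9]*\(\.[0-9][0-9]*\)\{1,2\}\).*$/\1/p'
}

# Status: 0 = affected (< 1.2.0), 1 = 1.2.0 or later, 2 = no version found.
guacd_affected() {
    v=$(extract_version "$1")
    [ -n "$v" ] || return 2
    old_ifs=$IFS; IFS=.
    set -- $v                            # split into major minor [patch]
    IFS=$old_ifs
    major=$1; minor=$2; patch=${3:-0}
    [ "$major" -lt "$FIX_MAJOR" ] && return 0
    [ "$major" -gt "$FIX_MAJOR" ] && return 1
    [ "$minor" -lt "$FIX_MINOR" ] && return 0
    [ "$minor" -gt "$FIX_MINOR" ] && return 1
    [ "$patch" -lt "$FIX_PATCH" ] && return 0
    return 1
}

# Read "host version-or-banner" lines on stdin; print one verdict per host.
triage_inventory() {
    while read -r host rest; do
        [ -n "$host" ] || continue
        rc=0; guacd_affected "$rest" || rc=$?
        case $rc in
            0) echo "$host AFFECTED" ;;
            1) echo "$host ok" ;;
            *) echo "$host UNKNOWN" ;;
        esac
    done
}

# Constructed sample inventory (hostnames and banner text are made up).
triage_inventory <<'EOF'
gw-a 1.1.0
gw-b Guacamole proxy daemon (guacd) version 1.2.0
gw-c 0.9.14
gw-d not-installed
EOF
```

Hosts reported as UNKNOWN need a manual check, since no version could be read from their entry.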
0x05 Product-side solutions
360 city-level network security monitoring service
The Security Brain's QUAKE asset mapping platform monitors for such vulnerabilities using asset mapping technology. Users can contact the relevant regional product lead to obtain the corresponding products.