Check out GRUB2 Login verification Bypass 0Day vulnerability with Ossim
The researchers found a Grub2 vulnerability, which was affected by version 1.98 (released in 2009) to 2.02 (released in 2015). This vulnerability allows local users to bypass any form of authentication (plaintext password or hashed password), allowing an attacker to gain control of the computer. Most Linux systems use GRUB2 as the boot loader, including some embedded systems. As a result, there will be countless devices that are at risk from this vulnerability. We can use Ossim to find machines that contain this vulnerability. The Ossim contains the vulnerability library as shown in.
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/78/79/wKioL1Z9UgiRvxgZAAdZO8i_5CU671.png "title=" screen shot 2015-12-25 pm 10.23.00.png "alt=" Wkiol1z9ugirvxgzaadzo8i_5cu671.png "/>
This article is from the "Lee Chenguang Original Technology blog" blog, please be sure to keep this source http://chenguang.blog.51cto.com/350944/1728420
Check out GRUB2 Login verification Bypass 0Day vulnerability with Ossim