Paladi/Huawei/Jiangnan Tian'an bastion host: high-risk vulnerability leaks users' server passwords
The Paladi bastion host product has a design flaw: anyone who can reach its port 443 can obtain the SSH/TELNET/ORACLE account passwords of every server under the bastion host's management.
The vulnerability has two root causes:
1. The bastion host does not mask passwords when it records character-mode (terminal) sessions. For example, when it logs in to an SSH server on the user's behalf and substitutes the real password at the prompt, the password string should never be written to the session log, but it is;
2. Temporary report data is stored in the WEB directory, so the report file can be downloaded by anyone who can reach the web interface;
First download https://example/module/cmd/realtime_report.xls and open it:
The telecom operator's ORACLE password is so simple that it does not even meet the basic requirements of the China Telecom security configuration specification.
Search the file for the SSH login password:
The password is handed to others in plaintext, so making it more complex would not help either.
Anyone with enough patience to re-download this file periodically will, over time, collect the SSH and ORACLE passwords of every Jiangsu Telecom server; the impact is far from small.
Solution:
1. Store temporary report files in a directory outside the WEB directory, so they cannot be fetched over the web interface;
2. Mask passwords when recording character-mode sessions, so the credentials the bastion host substitutes during login never reach the session log or the exported report.
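The following is an added example, not code from the Paladi/Huawei/Jiangnan Tian'an product, modelling the two root causes above and both parts of the fix: a recorder that redacts the credentials it substituted before the session text is written out, a report writer that refuses to place the temporary report under the web root, and the check an auditor can run over an exported report (such as the realtime_report.xls above) to find plaintext passwords. The directory paths, the sample session and the credentials in it are assumed/constructed.

```python
# Added example, not code from the Paladi/Huawei/Jiangnan Tian'an product.
# (1) redact_secrets(): strip the credentials the bastion host typed on the
#     user's behalf before the recording is written to the log/report;
# (2) report_path(): store temporary reports outside the web root;
# (3) find_password_candidates(): auditor-side scan of an exported recording.
# All paths and the sample session below are assumed / constructed.
import os
import re
from typing import Iterable, List

REDACTED = "[REDACTED]"

# Assumed locations; a real deployment would read these from its configuration.
WEB_ROOT = "/var/www/html"               # served by the HTTPS front end
REPORT_DIR = "/var/lib/bastion/reports"  # not reachable through the web server

# Constructed recording of a character-mode SSH session followed by an
# Oracle login; the credentials are made up for the example.
SAMPLE_RECORDING = (
    "login as: root\r\n"
    "root@10.0.0.1's password: S3cret!\r\n"
    "Last login: Mon Jan  1 09:00:00 2012 from 10.0.0.2\r\n"
    "[root@db01 ~]# sqlplus scott/oracle123@ORCL\r\n"
)


def redact_secrets(recording: str, injected_secrets: Iterable[str]) -> str:
    """Replace every credential the bastion host substituted into the session.

    Longest secrets are handled first so that a short password that is a
    substring of a longer one cannot leave a partial leak behind.
    """
    out = recording
    for secret in sorted({s for s in injected_secrets if s}, key=len, reverse=True):
        out = out.replace(secret, REDACTED)
    return out


# Heuristics for credentials that commonly appear verbatim in a recording:
# an SSH/TELNET password prompt answered on the same line, and the
# user/password@service form of the sqlplus command line.
_PATTERNS = (
    re.compile(r"password\s*:\s*(\S+)", re.IGNORECASE),
    re.compile(r"sqlplus\s+\S+?/(\S+?)@", re.IGNORECASE),
)


def find_password_candidates(text: str) -> List[str]:
    """Return plaintext password candidates in the order they appear."""
    hits = []
    for pattern in _PATTERNS:
        for m in pattern.finditer(text):
            if m.group(1) != REDACTED:
                hits.append((m.start(1), m.group(1)))
    return [value for _, value in sorted(hits)]


def find_leaked_secrets(text: str, known_secrets: Iterable[str]) -> List[str]:
    """Return the known credentials that still occur verbatim in text."""
    return [s for s in known_secrets if s and s in text]


def report_path(name: str, report_dir: str = REPORT_DIR, web_root: str = WEB_ROOT) -> str:
    """Build the on-disk path for a temporary report, refusing to place it
    anywhere the web server serves or outside the report directory.
    (normpath only; a production version should also resolve symlinks.)"""
    if os.path.basename(name) != name or name in ("", ".", ".."):
        raise ValueError("report name must be a plain file name")
    report_dir = os.path.normpath(report_dir)
    web_root = os.path.normpath(web_root)
    path = os.path.normpath(os.path.join(report_dir, name))
    if os.path.commonpath([path, web_root]) == web_root:
        raise ValueError("report directory must not be under the web root")
    if os.path.commonpath([path, report_dir]) != report_dir:
        raise ValueError("report name escapes the report directory")
    return path


if __name__ == "__main__":
    secrets = ["S3cret!", "oracle123"]
    print("leaked before redaction:", find_password_candidates(SAMPLE_RECORDING))
    safe = redact_secrets(SAMPLE_RECORDING, secrets)
    print("leaked after redaction: ", find_leaked_secrets(safe, secrets))
    print("report goes to:", report_path("realtime_report.xls"))
```

The scan in find_password_candidates is deliberately heuristic: it catches the two forms seen in this report (a password typed after a `password:` prompt, and `sqlplus user/password@service`), which is enough to confirm whether a given export still leaks, but redact_secrets should be driven by the exact strings the bastion host injected rather than by pattern matching.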