Vulnerabilities > CVE-2000-0248 - Unspecified vulnerability in Redhat Linux 6.2
Attack vector | NETWORK |
Attack complexity | LOW |
Privileges required | NONE |
Confidentiality impact | COMPLETE |
Integrity impact | COMPLETE |
Availability impact | COMPLETE |
Summary
The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote attackers to execute arbitrary commands.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | | 3 |
Exploit-Db
description | RedHat 6.2 Piranha Virtual Server Package Default Account and Password Vulnerability. CVE-2000-0248. Remote exploit for linux platform |
id | EDB-ID:19879 |
last seen | 2016-02-02 |
modified | 2000-04-24 |
published | 2000-04-24 |
reporter | Max Vision |
source | https://www.exploit-db.com/download/19879/ |
title | RedHat 6.2 Piranha Virtual Server Package Default Account and Password Vulnerability |

description | RedHat Piranha Virtual Server Package passwd.php3 Arbitrary Command Execution. CVE-2000-0248,CVE-2000-0322. Webapps exploit for php platform |
id | EDB-ID:16858 |
last seen | 2016-02-02 |
modified | 2010-10-18 |
published | 2010-10-18 |
reporter | metasploit |
source | https://www.exploit-db.com/download/16858/ |
title | RedHat Piranha Virtual Server Package passwd.php3 - Arbitrary Command Execution |
Metasploit
description | This module abuses two flaws - a metacharacter injection vulnerability in the HTTP management server of RedHat 6.2 systems running the Piranha LVS cluster service and GUI (rpm packages: piranha and piranha-gui). The vulnerability allows an authenticated attacker to execute arbitrary commands as the Apache user account (nobody) within the /piranha/secure/passwd.php3 script. The package installs with a default user and password of piranha:q which was exploited in the wild. |
id | MSF:EXPLOIT/LINUX/HTTP/PIRANHA_PASSWD_EXEC |
last seen | 2020-01-10 |
modified | 2017-11-08 |
published | 2010-02-14 |
references | |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/linux/http/piranha_passwd_exec.rb |
title | RedHat Piranha Virtual Server Package passwd.php3 Arbitrary Command Execution |
Nessus
NASL family | CGI abuses |
NASL id | PIRANHA.NASL |
description | The |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 10381 |
published | 2000-04-25 |
reporter | This script is Copyright (C) 2000-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/10381 |
title | Piranha's RH6.2 default password |
Packetstorm
data source | https://packetstormsecurity.com/files/download/86303/piranha_passwd_exec.rb.txt |
id | PACKETSTORM:86303 |
last seen | 2016-12-05 |
published | 2010-02-15 |
reporter | patrick |
source | https://packetstormsecurity.com/files/86303/RedHat-Piranha-Virtual-Server-Package-passwd.php3-Arbitrary-Command-Execution.html |
title | RedHat Piranha Virtual Server Package passwd.php3 Arbitrary Command Execution |