You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
User can detect open ssh port or another open ports on server that services Cockpit last version. This is a vulnerability that allows an user send request to internal hosts for detecting open ports. So that firewall configuration can be bypassed or the server can be used like gateway by malicious user for scanning process.
In addition, user induces the application to make an request back to the server that is hosting Cockpit.
For example: if system admin creates iptables rule to drop all packets that come to 22 port or another port, user can detect whether port 22 is open or not.
Assuming that there is a iptables rule which port 22 is open for 127.0.0.1 (loopback interface) but is closed for other interfaces.
An unauthenticated user can detect open ssh port or another open ports on server that services Cockpit last version. In addition, this vulnerability that allows a user sends request to internal hosts for detecting open ports so that firewall configuration can be bypassed or the server can be used like gateway by attacker user for scanning process. For example, if system admin creates iptables rule to drop all packets that come to 22 port or another port, user can detect whether port 22 is open or not.
Assuming that there is a rule which the port 22 is open for 127.0.0.1 (loopback interface) only .
