USN-670-1: VMBuilder vulnerability
Description
Mathias Gug discovered that vm-builder improperly set the rootpassword when creating virtual machines. An attacker could exploitthis to gain root privileges to the virtual machine by using apredictable password. This vulnerability only affects virtual machines created withvm-builder under Ubuntu 8.10, and does not affect native Ubuntuinstallations. An update was made to the shadow package to detectvulnerable systems and disable password authentication for theroot account. Vulnerable virtual machines which an attacker hasaccess to should be considered compromised, and appropriate actionstaken to secure the machine. The problem can be corrected by updating your system to the following package version: To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system upgrade is sufficient to effect thenecessary changes. https://bugs.launchpad.net/+bug/296841
Solution(s)
- ubuntu-upgrade-passwd
- ubuntu-upgrade-python-vm-builder
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center