lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAOzeT81pXps8-cqAg+ndcVkK39Sr2ZYEcOqc_TuAdSq+JabUxQ@mail.gmail.com> Date: Wed, 23 Jul 2014 23:59:45 -0400 From: Seth Art <sethsec@...il.com> To: fulldisclosure@...lists.org Subject: [FD] CVE-2014-2226: Ubiquiti Networks - UniFi Controller - Admin/root password hash sent via syslog ----------- Vendor: ----------- Ubiquiti Networks (http://www.ubnt.com/) ---------------------------------------------- Affected Products/Versions: ---------------------------------------------- UniFi Controller v2.4.6 Note: Previous versions may be affected ----------------- Description: ----------------- Title: Admin/Root password hash sent via syslog messages CVE: CVE-2014-2226 CWE: http://cwe.mitre.org/data/definitions/319.html Detailed writeup: http://sethsec.blogspot.com/2014/07/cve-2014-2226.html Researcher: Seth Art - @sethsec If remote logging is enabled on the UniFi controller, syslog messages are sent to a syslog server. Contained within the syslog messages is the admin password that is used by both the UniFi controller, and all managed Access Points. This CVE was assigned as there is no utility for sending the admin password hash via syslog messages. ------ POC: ------ Not Applicable. ------------- Solution: ------------- UniFi Controller - Upgrade to UniFi Controller v3.2.1 or greater ----------------------------- Disclosure Timeline: ----------------------------- 2014-02-16: Notified Ubiquiti of vulnerabilities in UniFi and mFi products 2014-02-17: Ubiquiti acknowledges and requests details 2014-02-17: Report with POC sent to Ubiquiti 2014-02-19: Asks Ubiquiti to confirm receipt of report 2014-02-19: Ubiquti confirms receipt of report and existence of the vulnerabilities 2014-02-28: CVE-2014-2226 assigned 2014-03-12: Requested status update 2014-03-27: Requested status update 2014-04-07: Requested status update 2014-04-09: Ubiquiti provides timeline for solution 2014-05-30: Requested status update 2014-06-12: Requested status update 2014-06-12: UniFi 3.2.1 is released 2014-06-13: Set public disclosure date of 2014-07-24 2014-07-24: Public disclosure _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists