DCO 8.1.0 - Security Vulnerability

DCIM_Support · ‎2020-07-04

Dear Support,

For one of our client where we had installed DCO 8.1.0, the below Security Vulnerabilities have been reported and they asked us to rectify them.

1) Unencrypted Telnet Service Available

2) TELNET access with root and no password

3) Telnet guest account open

Please can anyone reply how to fix them.

Thanks & Regards

Shemil

DCIM_Support · ‎2020-07-04

Hi Shemil,

Out of curiosity wondering how they have scanned/tested this, I don't think we have seen that vulnerability in our daily security scans. However 8.1 is many versions behind, customer should consider upgrading the product to latest version (currently 8.2.7) as we address known vulnerabilities with each DCO release.

Kind regards

DCIM_Support · ‎2020-07-04

Dear shemilusman and Jef Faridi,

I think that this is quite possible if the customer deploys DCO software to a server with a pre-installed RHEL/CentOS-7.x operating system.

That is, the above mentioned vulnerability does not apply to DCO software vulnerabilities. In this case, the customer can solve this problem on his own, or he can ask for technical support in RHEL.

P.S.: for example, to stop and disable telnet service on RHEL/CentOS-7.x OS, customer need to execute (under superuser priviledge):

systemctl stop telnet.socket
systemctl disable telnet.socket

With respect.

DCIM_Support · ‎2020-07-04

Hi,

Reference to your reply, please note that the DCO Server is installed in the customer Vmware Vcenter as VM server.

I tried the "systemctl" command from console using admin account, and it did not execute and gave me below comment:

"failed to stop telnet.socket: Unit telnet.socket not loaded"

I understand that "root"account access is denied in the console. So how do I execute the Stop Telnet & Disable Telnet commands. Is there any way from the webmin?

Thanks & Regards

Shemil

DCIM_Support · ‎2020-07-04

Dear shemilusman,

From your screenshot it is clear, that the vulnerable telnet service is not loaded at all.

Therefore, first you need to check for a vulnerable telnet service on your server in a different way. To do this, from the regular user (not the superuser) run the following command:

netstat -anp | grep :23

If you see something like this:

(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN -
tcp6 0 0 :::23 :::* LISTEN -

So you have a really vulnerable telnet service on the server (LISTEN on port 23). Otherwise, a vulnerable telnet service on your server is not running and you have no reason to worry 😀.

Then you need to contact the customer security team so that they can give a detailed explanation of which vulnerabilities they discovered, which you write about in your initial question.

With respect.

DCIM_Support · ‎2020-07-04

Dear shemilusman,

Tell us, please, did you solve your question or not?

With respect.

DCIM_Support · ‎2020-07-04

This question is closed for comments. You're welcome to start a new topic if you have further comments on this issue.