漏洞标题
BishopFox Sliver 认证远程代码执行
漏洞描述信息
Sliver是一个开源跨平台的对手模拟/红队框架,所有规模的组织都可以使用它来进行安全性测试。Sliver版本1.6.0(预发布版)存在一个低权限“操作员”用户利用的RCE漏洞。此次RCE的权限可到达系统root用户。此次漏洞的利用方法相当有趣,因为我们可以让Sliver服务器自毁。如过去问题 (#65) 所描述的,“操作员和服务器之间有明显的安全边界,操作员本身不应该能够直接在服务器上运行命令或代码。”利用此漏洞的操作员能够查看所有控制台日志、开除其他所有操作员、查看和修改存储在服务器上的文件,并最终删除服务器。此问题尚未得到解决,但在1.6.0的完整发布之前,预计会得到解决。使用1.6.0预发布版的用户应避免在生产环境中使用Silver。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
漏洞类别
对生成代码的控制不恰当(代码注入)
漏洞标题
BishopFox Sliver Authenticated Remote Code Execution
漏洞描述信息
Sliver is an open source cross-platform adversary emulation/red team framework, it can be used by organizations of all sizes to perform security testing. Sliver version 1.6.0 (prerelease) is vulnerable to RCE on the teamserver by a low-privileged "operator" user. The RCE is as the system root user. The exploit is pretty fun as we make the Sliver server pwn itself. As described in a past issue (#65), "there is a clear security boundary between the operator and server, an operator should not inherently be able to run commands or code on the server." An operator who exploited this vulnerability would be able to view all console logs, kick all other operators, view and modify files stored on the server, and ultimately delete the server. This issue has not yet be addressed but is expected to be resolved before the full release of version 1.6.0. Users of the 1.6.0 prerelease should avoid using Silver in production.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
漏洞类别
输出中的特殊元素转义处理不恰当(注入)
漏洞标题
Sliver 安全漏洞
漏洞描述信息
Sliver是Bishop Fox开源的一个开源的跨平台对手模拟/红队框架。可以被各种规模的组织用来执行安全测试。 Sliver 1.6.0-dev版本存在安全漏洞,该漏洞源于容易受到远程代码执行攻击。攻击者利用该漏洞可以查看所有控制台日志,查看和修改存储在服务器上的文件,并最终删除服务器。
CVSS信息
N/A
漏洞类别
其他