Nessus scanning problem for vitrage - critical vulnerabilities
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
Vitrage | New | Undecided | Unassigned |
Bug Description
1. Detailed bug description:
Nessus (a security scan tool) reports a CRITICAL vulnerability when scanning vitrage. The vulnerability is about the API server:
HTTP Method Remote Format String: The remote web server seems to be vulnerable to a format string attack on the method name. An attacker might use this flaw to make it crash or even execute arbitrary code on this host.
2. Steps to reproduce:
Start the API service of vitrage, and start Nessus scanning. Nessus will report the above CRITICAL vulnerability. The vulnerability id is 11801, and it appears inevitably.
3. Expected results:
The security tool sends HTTP requests with a bad URI and a bad method, and the API server of vitrage should respond with 404 and still serve normally.
4. Actual result:
Analysing vitrage's log and the captured packets shows that the API server didn't respond normally to some packets and seems to stop serving.
5. Reproducibility:
When Nessus scans, this problem can be reproduced every time. However, when we simulate the scanning tool with scripts, the API server responds normally every time.
6. Workaround
Set the configuration "workers" of api to 1, and run graph.py or just run api. (There is no such problem when "workers" is set to be larger than 1.)
7. Impact
There may be hidden security problems, and this needs to be fixed.
8. Description of the environment:
Operating system: Ubuntu
Versions of components: pike branch of vitrage
Reference architecture: None
Network model: None
Related projects installed: None
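
A liveness check for the behaviour expected in step 3, as an added example that is not part of the original report or of Vitrage: it sends constructed method names containing printf-style specifiers to a local stand-in server, then confirms that a follow-up GET is still answered. The method strings, `StandInAPI`, `request_status`, `probe` and `run_demo` are assumptions, not what Nessus plugin 11801 sends; the stand-in (Python's `http.server`) rejects unknown methods with 501 rather than 404.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

# Constructed method names with printf-style specifiers (assumption: these are
# illustrative, not the exact strings Nessus plugin 11801 sends).
PROBE_METHODS = ["%s%s%s%s", "%x%x%x%x", "GET%n"]

class StandInAPI(BaseHTTPRequestHandler):
    """Hypothetical stand-in for the API server; only GET is implemented."""
    def do_GET(self):
        body = b"ok"
        self.send_response(200)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # keep the demo output quiet
        pass

def request_status(host, port, method, path="/", timeout=3.0):
    """Send one request; return the status code, or None if no reply arrives."""
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request(method, path)
        resp = conn.getresponse()
        resp.read()
        return resp.status
    except (OSError, http.client.HTTPException):
        return None  # refused, reset, timed out, or unparsable response
    finally:
        conn.close()

def probe(host, port):
    """Map each probe method to (status, server still answers GET afterwards)."""
    results = {}
    for method in PROBE_METHODS:
        status = request_status(host, port, method)
        alive = request_status(host, port, "GET") == 200
        results[method] = (status, alive)
    return results

def run_demo():
    server = ThreadingHTTPServer(("127.0.0.1", 0), StandInAPI)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        return probe("127.0.0.1", server.server_address[1])
    finally:
        server.shutdown()
        server.server_close()
```

Calling `run_demo()` returns the per-method results for the stand-in. Against a real endpoint, a status of `None` or a false liveness flag from `probe` corresponds to the "stops serving" symptom in step 4.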