Nessus scanning problem for vitrage - critical vulnerabilities

Bug #1710836 reported by xupeipei
This bug affects 1 person
Affects: Vitrage
Status: New
Importance: Undecided
Assigned to: Unassigned

Bug Description

1. Detailed bug description:
 Nessus (a security scan tool) reports a CRITICAL vulnerability when scanning vitrage. The vulnerability is about the API server:
   HTTP Method Remote Format String: The remote web server seems to be vulnerable to a format string attack on the method name. An attacker might use this flaw to make it crash or even execute arbitrary code on this host.
2. Steps to reproduce:
 Start the API service of vitrage, and start Nessus scanning. Nessus will report the above CRITICAL vulnerability. The vulnerability id is 11801, and it appears inevitably.
3. Expected results:
 The security tool sends HTTP requests with a bad URI and a bad method, and the API server of vitrage should respond with 404 and still serve normally.
4. Actual result:
 Judging from vitrage's log and the captured package, the API server didn't respond normally for some packages and seems to stop serving.
5. Reproducibility:
 When Nessus scans, this problem can be reproduced every time. However, when we simulate the scanning tool with scripts, the API server can respond normally every time.
6. Workaround
 Set the configuration "workers" of api to 1, and run graph.py or just run api. (There is no such problem when "workers" is set to be larger than 1.)
7. Impact
 There may be hidden security problems, and this needs to be fixed.
8. Description of the environment:
  Operating system: Ubuntu
  Versions of components: pike branch of vitrage
  Reference architecture: None
  Network model: None
  Related projects installed: None
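
An added example, not part of the original report and not Vitrage code: a small check for the expected result in item 3, that a request with a malformed method name gets an error response and the server keeps serving afterwards. The stand-in server, the method token and all function names are constructed for illustration; Python's `http.server` answers an unknown method with 501 rather than the 404 the report expects.

```python
import socket
import threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

# Constructed probe: a method token made of printf-style conversion specifiers.
BAD_METHOD = "%s%n%x%s"

class StandInHandler(BaseHTTPRequestHandler):
    """Hypothetical stand-in for the API under test; only GET is implemented."""
    def do_GET(self):
        self.send_response(200)
        self.send_header("Content-Length", "2")
        self.end_headers()
        self.wfile.write(b"ok")
    def log_message(self, *args):  # keep the check quiet
        pass

def raw_status(host, port, method, path="/", timeout=5.0):
    """Send one request with an arbitrary method token; return the status code or None."""
    request = f"{method} {path} HTTP/1.1\r\nHost: {host}\r\nConnection: close\r\n\r\n"
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.sendall(request.encode("ascii"))
            status_line = sock.makefile("rb").readline()
    except OSError:  # refused, reset or timed out: the server did not answer
        return None
    parts = status_line.split()
    return int(parts[1]) if len(parts) >= 2 and parts[1].isdigit() else None

def check_bad_method_survival(host, port):
    """Return (status for the bad method, status of a follow-up GET)."""
    bad = raw_status(host, port, BAD_METHOD, "/no/such/path")
    after = raw_status(host, port, "GET")  # None here means the server stopped serving
    return bad, after

def run_against_stand_in():
    """Run the check against the loopback stand-in server on an ephemeral port."""
    with ThreadingHTTPServer(("127.0.0.1", 0), StandInHandler) as server:
        threading.Thread(target=server.serve_forever, daemon=True).start()
        try:
            return check_bad_method_survival("127.0.0.1", server.server_address[1])
        finally:
            server.shutdown()

if __name__ == "__main__":
    print(run_against_stand_in())
```

Calling `check_bad_method_survival` with the host and port of a test instance of your own API runs the same check there; a `None` in the second position is the "stops serving" symptom described in item 4.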
