Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

CVE-2000-0649: Internal IP disclosure

Highlighted

CVE-2000-0649: Internal IP disclosure

New Contributor

Hello,

Our security team spotted a security vulnerability within HDP 3.1.0 with ports:

8088

8042

8188

As it returns the internal IP address, here's the nessus report:

Nessus was able to exploit the issue using the following request :

GET / HTTP/1.0
Accept-Charset: iso-8859-1,utf-8;q=0.9,*;q=0.1
Accept-Language: en
Connection: Close
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Pragma: no-cache
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*



This produced the following truncated output (limited to 10 lines) :
------------------------------ snip ------------------------------
Date: Tue, 26 Mar 2019 01:39:33 GMT
Cache-Control: no-cache
Expires: Tue, 26 Mar 2019 01:39:33 GMT
Date: Tue, 26 Mar 2019 01:39:33 GMT
Pragma: no-cache
Content-Type: text/plain;charset=utf-8
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Location: http://INTERNAL-IP:PORT/
Content-Length: 0
[...]

------------------------------ snip ------------------------------

1 REPLY 1

Re: CVE-2000-0649: Internal IP disclosure

Cloudera Employee

A recommendation for this, it's to use Knox gateway. That will mask all the header information.