Linux Today: Linux News On Internet Time.

VNU Net: Linux security hole discovered

Apr 26, 2000, 23:15 (1 Talkback[s])
(Other stories by John Geralds)

By John Geralds, VNU Net

A team of internet security researchers say they have found a serious security hole in a popular Linux web server that could allow an attacker to compromise and destroy a website.

According to the Internet Security Systems X-Force team, there is a backdoor in Red Hat's Linux that would let a computer intruder access and alter files on some computers running the company's most recent version of Linux.

The discovery could not come at a worse time for Red Hat which has been attempting to persuade customers that its Linux is a good foundation for corporate operations.

Piranha is a package distributed by Red Hat that contains Linux Virtual Server software, a web-based graphical user interface and monitoring and fail-over components. A backdoor password exists in the interface portion, Version 0.4.12 of Piranha-GUI, that may allow remote attackers to execute commands on the server.

If an affected version of Piranha is installed and the default backdoor password remains unchanged, any remote or local user may login to the web interface. From there, parameters can be changed and arbitrary commands can be executed with the same privilege as that of the web server.

Only Red Hat users who have installed the Piranha component are vulnerable. Piranha is installed only if a Red Hat user specifically selects clustering functions when installing the software or if a user chooses 'install all'.

The X-Force team discovered the vulnerability and has been working with Red Hat to create a 'fix'. The security risk has been given a five rating on a scale from one to five, where five is the most severe.

Chris Rouland, director of Internet Security Systems' research team, said: "This is a very high risk. It gives people the same rights as the web server itself."

Rouland said he does not believe that the backdoor was installed with malicious intent, but that it is an "engineering mistake".

Red Hat has provided updated Piranha, Piranha-doc and Piranha GUI packages and recommends administrators be sure that a new password is installed following installation.

Related Stories: