{"id":16204,"date":"2022-03-16T21:50:06","date_gmt":"2022-03-16T12:50:06","guid":{"rendered":"https:\/\/www.bigriver.jp\/?p=16204"},"modified":"2022-09-21T19:29:11","modified_gmt":"2022-09-21T10:29:11","slug":"alibaba-cloud-security-center-29","status":"publish","type":"post","link":"https:\/\/www.bigriver.jp\/?p=16204","title":{"rendered":"Alibaba Cloud Security Center #29"},"content":{"rendered":"\n

\u534a\u5e74\u3076\u308a\u4f4d\u306b\u30d6\u30ed\u30b0\u3092\u66f8\u304f\u3002\u3000
\u3053\u306e\u30d6\u30ed\u30b0\u306e\u30b5\u30fc\u30d0\u306f Alibaba Cloud \u4e0a\u306b\u3042\u308a\u3001\u305d\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306f Alibaba Cloud Security Center \u306b\u52a9\u3051\u3066\u3082\u3089\u3063\u3066\u3044\u307e\u3059\u3002\u3000\u6bce\u65e5\u30bb\u30ad\u30e5\u30a2\u30b9\u30b3\u30a2\u304c\u30e1\u30fc\u30eb\u3067\u5c4a\u304f\u306e\u3067\u3059\u304c\u4e45\u3005\u306b90\u70b9\u3092\u4e0b\u56de\u3063\u3066\u306e\u3067\u305d\u306e\u5bfe\u5fdc\u5185\u5bb9\u3092\u5c06\u6765\u306e\u81ea\u5206\u306e\u305f\u3081\u306b\u8a18\u9332\u3057\u307e\u3059\u3002\u3000<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n
<\/div>\n\n\n\n

\u201cUncheckd Urgent Vulnerabilities\u201d\u3067 -3 \u3001\u201dBaseline Risks 1\u201d \u3067 -10\u3002\u3000\u201dBaseline Risks\u201d\u306e\u4e2d\u8eab\u3092\u78ba\u8a8d\u3057\u3066\u3044\u304d\u307e\u3059\u3002<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n
<\/div>\n\n\n\n

Alibaba Cloud Standard \u3068\u3044\u3046\u30d9\u30fc\u30b9\u30e9\u30a4\u30f3\u304c\u3042\u308a\u3001\u305d\u306e\u30d9\u30fc\u30b9\u30e9\u30a4\u30f3\u306b\u6e80\u305f\u3057\u3066\u3044\u306a\u3044\u9805\u76ee\u304c\u8907\u6570\u3042\u308b\u3088\u3046\u3067\u3059\u3002<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n
<\/div>\n\n\n\n

8\u3064\u306e\u30a2\u30a4\u30c6\u30e0\u3067\u30b9\u30c6\u30fc\u30bf\u30b9\u304c \u201cFailed\u201d \u306b\u306a\u3063\u3066\u3044\u307e\u3059\u3002\u3000\u307b\u3068\u3093\u3069\u306e\u9805\u76ee\u304c\u521d\u6b69\u7684\u306a\u5bfe\u5fdc\uff08\u672c\u6765\u8868\u793a\u3057\u306a\u304f\u3068\u3082\u826f\u3044\u60c5\u5831\u306f\u96a0\u3059\u3001\u672c\u6765\u30a2\u30af\u30bb\u30b9\u3055\u305b\u308b\u3079\u304d\u3067\u306f\u306a\u3044\u3068\u3053\u308d\u306b\u306f\u30a2\u30af\u30bb\u30b9\u3055\u305b\u306a\u3044\uff09\u304c\u3055\u308c\u3066\u3044\u306a\u3044\u3060\u3051\u7cfb\u306e\u3088\u3046\u3067\u3059\u3002\u3000\u3053\u306e\u30d6\u30ed\u30b0\u3092\u7acb\u3061\u4e0a\u3052\u305f\u306e\u304c3\u5e74\u4ee5\u4e0a\u524d\u306a\u306e\u3067\u305d\u306e\u6642\u306bApache \u3092\u3069\u3046\u8a2d\u5b9a\u3057\u305f\u304b\u306f\u8a18\u61b6\u306b\u306a\u304f\u3001\uff11\u3064\uff11\u3064\u5bfe\u5fdc\u3059\u308b\u3002<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n
<\/div>\n\n\n\n

\u307e\u305a\u306f \u201cVulnerable version\u201d \u3068\u3044\u3046\u3053\u3068\u3067 ECS \u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u306e Ubuntu \u3092\u6700\u65b0\u5316\u3002\u3000\u305d\u306e\u5f8c\u306b Security Center \u3067\u30c1\u30a7\u30c3\u30af\u3059\u308b\u3082\u30b9\u30c6\u30fc\u30bf\u30b9\u306f \u201cFailed\u201d \u304b\u3089\u5909\u308f\u3089\u305a\u3002 Details \u3067\u7406\u7531\u7b49\u8a73\u7d30\u3092\u898b\u3066\u307f\u308b\u3002\u3000Result \u306e Vulnerable version 2.4.29 \u3092\u5229\u7528\u3057\u3066\u3044\u308b\u304b\u3089\u3068\u306e\u3053\u3068\u3002
<\/p>\n\n\n

\n
Vulnerable versionIntrusion Prevention
Description
The following versions of Apache httpd have security problems and are easily hacked: 1. The mod_proxy module SSRF vulnerability exists in Apache 2.4.48 and earlier versions. https:\/\/avd.aliyun.com\/detail?id=AVD-2021-40438. 2. Apache 2.4.49-2.4.50 versions have path traversal and command execution vulnerabilities. https:\/\/avd.aliyun.com\/detail?id=AVD-2021-42013, https:\/\/avd.aliyun.com\/detail?id=AVD-2021-41773. 3. The Apache2.4.0-2.4.29 version has a parsing vulnerability. https:\/\/avd.aliyun.com\/detail?id=AVD-2017-15715. 4. There is an authentication bypass vulnerability in Apache 2.2.0-2.2.12. The third-party module uses ap_get_basic_auth_pw() in the authentication phase, which will cause the authentication requirement to be bypassed. https:\/\/avd.aliyun.com\/detail?id=AVD-2017-3167. 5. Apache 2.2.0-2.2.12 and 2.4.24-2.4.25 have a denial of service vulnerability. https:\/\/avd.aliyun.com\/detail?id=AVD-2017-3169, https:\/\/avd.aliyun.com\/detail?id=AVD-2017-7659. 6. Apache 2.2.0-2.2.12 has an ACL bypass vulnerability. https:\/\/avd.aliyun.com\/detail?id=AVD-2017-7668. 7. A mod_mime buffer overflow vulnerability exists in Apache 2.2.0-2.2.32 and 2.4.0-2.4.25. https:\/\/avd.aliyun.com\/detail?id=AVD-2017-7679.
Result
Vulnerable version:2.4.29
Suggestion

Update the software to the latest safe version to complete the repair of vulnerabilities.These vulnerabilities are based on unauthorized access or weak password in the service. Completing access authentication reinforcement can reduce the risk of intrusion.

Record the security enhancement operations, or back up the related data before the operation.<\/td><\/tr><\/tbody><\/table><\/figure>\n<\/div>\n\n\n
<\/div>\n\n\n\n

\u6700\u65b0\u5316\u3057\u305f\u306e\u3067\u3059\u304c\u3001apache \u306e version \u306f 2.4.29 \u3002\u3000Apache \u306e\u30bd\u30fc\u30b9\u30d5\u30a1\u30a4\u30eb\u304b\u3089\u30b3\u30f3\u30d1\u30a4\u30eb\u3057\u3066\u3082\u826f\u3044\u304c\u9762\u5012\u3067\u3059\u3002\u3000\u554f\u984c\u7121\u3044\u3068\u5224\u65ad\u3057 Alibaba Cloud Security Center \u4e0a\u306f Whitelist \u306b\u5165\u308c\u308b\u3053\u3068\u306b\u3057\u307e\u3059\u3002<\/p>\n\n\n

\n
$ \/usr\/sbin\/apache2 -v
Server version: Apache\/2.4.29 (Ubuntu)
Server built: 2022-01-05T14:50:41<\/td><\/tr><\/tbody><\/table><\/figure>\n<\/div>\n\n\n
<\/div>\n\n\n\n

\u540c\u69d8\u306b\u4ed6\u306e\u30a2\u30a4\u30c6\u30e0\u3082\uff11\u3064\uff11\u3064\u78ba\u8a8d\u3057\u554f\u984c\u7121\u3051\u308c\u3070 Whitelist \u306b\u767b\u9332\u3059\u308b\u306a\u308a\u63a8\u5968\u3055\u308c\u305f\u5bfe\u5fdc\u3092\u5b9f\u65bd\u3057\u3066\u3044\u304d\u307e\u3059\u3002\u6700\u7d42\u7684\u306b\u306f2\u9805\u76ee\u306f \u63a8\u5968\u3055\u308c\u305f\u5bfe\u5fdc\u3092\u5b9f\u65bd\u3057\u3001\u6b8b\u308a\u306f\u5185\u5bb9\u3092\u628a\u63e1\u3057\u305f\u4e0a\u3067 Whitelist \u306b\u767b\u9332\u3057\u307e\u3057\u305f\u3002\u305d\u306e\u7d50\u679c\u3001Risk free \u306b\u306a\u308a\u307e\u3057\u305f\u3002\u3000\u3000<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n
<\/div>\n\n\n\n

Secure Score \u3082 100 \u306b\u623b\u308a\u307e\u3057\u305f\u3002
<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

\u4ee5\u524d\u306b\u3082\u4f55\u5ea6\u304b\u66f8\u3044\u305f\u3053\u3068\u3067\u3059\u304c\u3001 Security Center \u3092\u5229\u7528\u3057\u3066\u3044\u308b\u3068\u81ea\u52d5\u7684\u306b\u30b5\u30fc\u30d0\u306e\u72b6\u614b\u3092\u30c1\u30a7\u30c3\u30af\u3057\u3001\u8106\u5f31\u6027\u304c\u3042\u308c\u3070\u4f55\u3092\u3059\u308c\u3070\u3088\u3044\u304b\u3092\u6559\u3048\u3066\u304f\u308c\u308b\u306e\u306f\u975e\u5e38\u306b\u4fbf\u5229\u3067\u6709\u7528\u3067\u3059\u3002\u3000\u3053\u308c\u304c\u7121\u3044\u3068\u6bce\u65e5\u6bce\u65e5OS\u3084Apache\u3084PHP\u3084\u305d\u306e\u4ed6\u5229\u7528\u3057\u3066\u3044\u308bOpen Source \u306e\u63d0\u4f9b\u5143\u30b5\u30a4\u30c8\u3092\u30c1\u30a7\u30c3\u30af\u3057\u8106\u5f31\u6027\u306e\u6709\u7121\u3092\u78ba\u8a8d\u3059\u308b\u5fc5\u8981\u304c\u3042\u308b\u304b\u3089\u3067\u3059\u3002<\/p>\n\n\n\n

<\/div>\n\n\n\n

\u4ee5\u4e0a<\/p>\n","protected":false},"excerpt":{"rendered":"

\u534a\u5e74\u3076\u308a\u4f4d\u306b\u30d6\u30ed\u30b0\u3092\u66f8\u304f\u3002\u3000\u3053\u306e\u30d6\u30ed\u30b0\u306e\u30b5\u30fc\u30d0\u306f Alibaba Cloud \u4e0a\u306b\u3042\u308a\u3001\u305d\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306f Alibaba Cloud Security Center \u306b\u52a9\u3051\u3066\u3082\u3089\u3063\u3066\u3044\u307e\u3059\u3002\u3000\u6bce\u65e5\u30bb\u30ad\u30e5\u30a2\u30b9\u30b3\u30a2\u304c\u30e1\u30fc\u30eb … <\/p>\n","protected":false},"author":1,"featured_media":16198,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[36],"class_list":{"0":"post-16204","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-cloud-security-center","8":"tag-securitycenter","9":"entry"},"views":2082,"_links":{"self":[{"href":"https:\/\/www.bigriver.jp\/index.php?rest_route=\/wp\/v2\/posts\/16204","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.bigriver.jp\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.bigriver.jp\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.bigriver.jp\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.bigriver.jp\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=16204"}],"version-history":[{"count":4,"href":"https:\/\/www.bigriver.jp\/index.php?rest_route=\/wp\/v2\/posts\/16204\/revisions"}],"predecessor-version":[{"id":16540,"href":"https:\/\/www.bigriver.jp\/index.php?rest_route=\/wp\/v2\/posts\/16204\/revisions\/16540"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.bigriver.jp\/index.php?rest_route=\/wp\/v2\/media\/16198"}],"wp:attachment":[{"href":"https:\/\/www.bigriver.jp\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=16204"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.bigriver.jp\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=16204"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.bigriver.jp\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=16204"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}