LAC Advisory

SNS Advisory No.100
FreeNAS Cross-Site Request Forgery Vulnerability

Discovered on: 21 Apr 2009
Released on: 5 Aug 2009

Severity:
High


Overview:
FreeNAS contains a cross-site request forgery (CSRF) vulnerability that could allow an attacker to cause operations that the legitimate user did not intend.

This vulnerability could be exploited to execute unauthorized operations on the computer on which FreeNAS is installed.


Description:
FreeNAS is an open-source operating system optimized for use as a file server. Its Web-based user interface provides administrative functions.

If a user who is logged in to FreeNAS is tricked into visiting a Web page that contains malicious requests, the user's browser sends those requests to FreeNAS together with the user's session, and FreeNAS executes them with the user's privileges. Successful exploitation therefore allows an attacker to perform operations the user did not intend.

The forged requests can trigger almost any operation available through the Web-based user interface, such as shutting down the server or initializing the hard disk.

Exploitation could also enable further attacks, for example by changing the configuration.

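The following toy model, added here as an illustration and not code from FreeNAS or from this advisory, shows why the situation described above is exploitable and what a standard fix looks like. The hostnames, the `/shutdown` handler path, the `sid` cookie and the `csrf_token` field name are assumptions made for the example. The vulnerable handler authorizes a state-changing request on the strength of the session cookie alone, which the victim's browser attaches automatically to a request triggered from the attacker's page. The hardened handler additionally requires POST, a same-origin Origin/Referer header, and a per-session anti-CSRF token that a cross-origin page cannot read.

```python
"""Toy model of a CSRF-prone Web UI handler and its hardened form.

Hypothetical names only (nas.example.internal, /shutdown, csrf_token);
this is not FreeNAS code.
"""
from __future__ import annotations

import hmac
import secrets
from dataclasses import dataclass, field

# Server-side session store: session id -> {"user": ..., "csrf": per-session token}
SESSIONS: dict = {}
NAS_ORIGIN = "https://nas.example.internal"  # assumed origin of the NAS Web UI

# Constructed attacker page: an auto-submitting form aimed at the NAS. A logged-in
# victim who loads this page has their browser POST to the NAS with their cookie.
ATTACKER_PAGE = """<form id="f" method="POST" action="https://nas.example.internal/shutdown"></form>
<script>document.getElementById("f").submit()</script>"""


def login(user: str) -> str:
    """Create a session and return the cookie value the browser will store."""
    sid = secrets.token_hex(16)
    SESSIONS[sid] = {"user": user, "csrf": secrets.token_hex(32)}
    return sid


@dataclass
class Request:
    method: str
    path: str
    cookies: dict = field(default_factory=dict)
    form: dict = field(default_factory=dict)
    headers: dict = field(default_factory=dict)


def handle_vulnerable(req: Request) -> tuple[int, str]:
    """Vulnerable pattern: the session cookie alone authorizes a state change."""
    sess = SESSIONS.get(req.cookies.get("sid", ""))
    if sess is None:
        return 401, "login required"
    if req.method == "POST" and req.path == "/shutdown":
        return 200, f"shutdown issued as {sess['user']}"
    return 404, "not found"


def handle_hardened(req: Request) -> tuple[int, str]:
    """Hardened pattern: POST only, same-origin check, per-session token."""
    sess = SESSIONS.get(req.cookies.get("sid", ""))
    if sess is None:
        return 401, "login required"
    if req.method != "POST":
        return 405, "state changes require POST"
    # Browsers set Origin (or at least Referer) on cross-site form posts, and a
    # page running in the victim's browser cannot override them.
    source = req.headers.get("Origin") or req.headers.get("Referer", "")
    if not (source == NAS_ORIGIN or source.startswith(NAS_ORIGIN + "/")):
        return 403, "cross-origin request refused"
    # The token is embedded in the NAS's own page body, which a cross-origin
    # attacker cannot read, so a forged request cannot supply it.
    token = req.form.get("csrf_token", "")
    if not hmac.compare_digest(token, sess["csrf"]):
        return 403, "missing or invalid anti-CSRF token"
    if req.path == "/shutdown":
        return 200, f"shutdown issued as {sess['user']}"
    return 404, "not found"


def forged_request(sid: str) -> Request:
    """What the victim's browser sends after loading ATTACKER_PAGE: the NAS
    cookie is attached automatically, no token is present, Origin is the
    attacker's site."""
    return Request("POST", "/shutdown", cookies={"sid": sid},
                   form={}, headers={"Origin": "https://attacker.example"})


def legitimate_request(sid: str) -> Request:
    """A request submitted from the NAS's own page, which embeds the token."""
    return Request("POST", "/shutdown", cookies={"sid": sid},
                   form={"csrf_token": SESSIONS[sid]["csrf"]},
                   headers={"Origin": NAS_ORIGIN})


def demo() -> dict:
    """Status codes: the forged request succeeds only against the vulnerable handler."""
    sid = login("admin")
    return {
        "vulnerable_forged": handle_vulnerable(forged_request(sid))[0],
        "hardened_forged": handle_hardened(forged_request(sid))[0],
        "hardened_legit": handle_hardened(legitimate_request(sid))[0],
    }


if __name__ == "__main__":
    print(demo())
```

The token check is the essential control; the method and origin checks are defense in depth, since Referer may be stripped by some clients and an application that performs state changes on GET is exploitable with a plain image tag, not just a form. The token must be bound to the session and compared in constant time, as `hmac.compare_digest` does here.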

Affected Products and Versions:
FreeNAS 0.69.2 and earlier


Solution:
Update to the fixed version of the software released by the developer:

http://www.freenas.org/index.php?option=com_frontpage&Itemid=22


Discovered by:
Hiroyuki Shinshiba (LAC)


Thanks to:

http://jvn.jp/jp/JVN15267895/
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000053.html
http://www.ipa.go.jp/security/vuln/documents/2009/200908_freenas.html


Disclaimer:
The information contained in this advisory may be revised without prior notice and is provided as is. Users act at their own risk when taking any action after reading this advisory. Little eArth Corporation Co., Ltd. shall not be held responsible for any claims, losses or damages caused by the use of the information provided here.


This advisory is available at the following URL:

http://www.lac.co.jp/english/advisory/100_e.html
