PA 网络命令安全问题确认 #188
Comments
|
从该描述来看,反shell是socat启动的,CP不会调用该命令。另外,只要看一下CP pod,就可以知道不存在该命令,同时,代码中也搜索不到该命令。 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
{{ message }}
cp版本:0.3.6
环境:阿里k8s环境
问题:当阿里Terway网络组件容器里执行时,被Teistlok扫描出有安全风险问题,需要确认下面的命令是否pa发起,具体描述如下:
/usr/bin/dash is a reverse shell spawned by [socat TCP-LISTEN:9099,bind=127.0.0.1,fork,reuseaddr system:sleep 2;kill -9 $SOCAT_PID 2>/dev/null]. Full command: sh -c sleep 2;kill -9 $SOCAT_PID 2>/dev/null
The text was updated successfully, but these errors were encountered: