CVE-2010-2075
Student Details
Name: Krishna Kumar Nayak
University ID: 77261138
Group: Level 6
Submission Date: 14 May 2023
Word Count: 2948
Table of Contents
1. Abstract
2. Introduction
3. Description of Vulnerability, Exploits and Attack Software
3.1 Vulnerability
3.2 Exploits and Attack Software
4. Difference between Vulnerability, Exploits and Attack Software
4.1 Vulnerability
4.2 Exploits
4.3 Attack Software
5. Anatomy of Attack
5.1 Information Gathering
5.2 Exploitation
5.3 Post Exploitation
6. Recommendations for Preventing Attack
7. Related Software
8. Critical Reflection (L7 only)
9. Conclusion
10. References
1. Abstract
This report is based on a vulnerability named CVE-2010-2075. CVE-2010-2075 is a security flaw
in the Linux kernel that affects versions 2.6.18 through 2.6.34. Remote attackers can exploit this
vulnerability to perform a denial-of-service (DoS) attack on the targeted system by delivering
specially crafted packets to the system's network interface card. The flaw is triggered by the
kernel's incorrect processing of erroneous size parameters in a specific protocol. A successful
attack would cause a system crash, and attackers might use this flaw to execute arbitrary code
with elevated privileges. The Linux community has issued patches to fix this issue, and users are
urged to update their systems to the most recent patched versions as soon as possible to avoid
attacks. The vulnerability serves as a reminder of the importance of applying security patches
on an ongoing basis to avoid potential exploitation.
2. Introduction
Digital security is the practice of protecting digital systems and networks from unauthorized
access, theft, damage, or hacking. In the current digital age, cyber security has emerged as a
crucial concern, with businesses, individuals, and governments increasingly relying on technology
to store and communicate sensitive information. The importance of digital security has grown
exponentially with the increasing sophistication of cyber threats. Malware attacks, phishing
scams, and ransomware attacks can cripple an organization's operations or cause irreversible
damage to a person's reputation. If we want to protect ourselves against such attacks and threats, we
must constantly monitor vulnerabilities using key protective measures.
A flaw called CVE-2010-2075 affects the IBM Informix Dynamic Server (IDS) software. The
vulnerability was made public in May 2010 and is considered to be of critical severity. Users are
urged to install the update that IBM issued in order to protect their systems from this
vulnerability. Computer systems and data must be securely encrypted. Data encryption,
firewalls, two-factor authentication, and antivirus software are some measures to safeguard
against cyber threats. Digital security has become a necessary component of daily life, making it essential for
individuals and organizations to adopt robust security practices to protect their online assets.
The victim machine was located with Nmap. UnrealIRCd 3.2.8, which is an IRC server,
was the program of choice. IRC has been commonly used for real-time text chatting
among internet-connected computers since 1998 (Radware, 2023). Nmap is used to
find the vulnerability: the attacker looks for live hosts inside the internal network
and for open ports on the target device. Then, using the Metasploit framework,
the corresponding attack was launched.
4 Difference between Vulnerability, Exploits and Attack Software
4.1 Vulnerability
A vulnerability is a weakness or flaw in a system, software or network that
can be exploited by an attacker to gain unauthorized access or cause harm. It might
be used to bypass a device's security controls (Upguard, 2023).
4.2 Exploits
Exploits are software programs that take advantage of vulnerabilities to perform
an attack. While exploits are focused on exploiting vulnerabilities, attack software
includes a broader range of tools and techniques, such as social engineering,
phishing, denial of service attacks, and malware.
4.3 Attack Software
Attack software is a collection of tools and techniques that an attacker can use to
carry out an attack on a vulnerable system or network. It enables hostile
communication with the attacker's various systems by carrying all the harmful
packets, depending on the type of vulnerability.
5 Anatomy of Attack
Note that Kali Linux (the attacker machine) and a Debian-based Linux (the victim
machine) both run as guests on Oracle VirtualBox. The network used for this
setup is listed in the table below:
5.1 Information Gathering
Information gathering is the process of collecting facts and details about
the target, such as its IP address and server. It is by far the most crucial and initial
phase of a penetration test or hacking process. More effort spent here allows
the attacker to obtain more useful data and information about the target environment.
Footprinting
Footprinting refers to the process of gathering information about a target system or network
as a preliminary step in an attack. It involves collecting information about the organization, its
employees, technologies, and infrastructure to identify vulnerabilities that can be exploited.
Footprinting is usually conducted using publicly available information such as online directories,
social media profiles, and search engines. The information collected during this process can be
used by attackers to craft targeted attacks; conversely, reconnaissance in digital security allows an
organization to identify and mitigate potential risks before they can cause significant harm.
Enumeration
Enumeration refers to the process of seeking and compiling information about a specific target
system in order to expose its vulnerabilities and gain unauthorized access to it. The goal of
enumeration is to gather as much information as possible about the target, including a list of
hosts, accounts, passwords, and various other details such as network protocols, operating
systems, services running, and applications installed. Network administrators can put in place
safeguards like firewalls, intrusion detection and prevention systems, and network
segmentation to stop enumeration attacks, which can limit the amount of data that attackers
can obtain.
Scanning
Scanning entails the process of looking for threats, malware, or vulnerabilities within a system
or network. Scanning can be used to test a system's security, to find and remove viruses, to
detect network intrusions, and for other purposes. As shown in this part of the report, we were
given specific virtual machines that are connected to the same network, which means that
the first three bytes of their IP addresses are identical and only the final byte differs.
Fig 2: Command ifconfig
The attacker's system, as seen in image three, runs the 'ifconfig' command in the Linux
terminal. After the command executes, the current network configuration of that
device is displayed. Because the IP address in the above screenshot is 192.168.1.67, the
victim's IP address will begin with the same three bytes.
To find the victim's actual IP address, the address range is scanned. Zenmap and Nmap are
two tools for probing IP addresses. In this case the network is mapped using Nmap,
which shows all of the services that are running.
Fig 3: Figure brief experiment
The earlier figure makes it very evident that multiple ports are open on the second IP in the list.
In the third figure, the IRC service on port 6667 can be seen. The attacker now probes a bit
further into that IP to confirm whether it is the intended victim or not. To learn more about
that IP, a test is done to identify the OS and its vendor details.
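The same Nmap service scan is what a defender runs over their own network to find hosts still exposing the vulnerable IRC daemon on port 6667. The following parser is an added example, not code from the report: it reads Nmap's grepable (-oG) output format and flags hosts whose port 6667 service banner matches the affected UnrealIRCd 3.2.8.1 release. The scan output embedded below is constructed for illustration.

```python
import re
from typing import Dict, List

# Constructed sample of Nmap grepable output, as produced by
# `nmap -sV -p 6667 -oG - 192.168.1.0/24` run by a defender on their own LAN.
SAMPLE_GNMAP = """\
# Nmap 7.93 scan initiated as: nmap -sV -p 6667 -oG - 192.168.1.0/24
Host: 192.168.1.67 (kali)\tStatus: Up
Host: 192.168.1.67 (kali)\tPorts: 6667/closed/tcp//irc///
Host: 192.168.1.72 ()\tStatus: Up
Host: 192.168.1.72 ()\tPorts: 6667/open/tcp//irc//UnrealIRCd 3.2.8.1/
Host: 192.168.1.80 ()\tPorts: 6667/open/tcp//irc//UnrealIRCd 5.0.9/
Host: 192.168.1.90 ()\tPorts: 6667/filtered/tcp//irc///
# Nmap done at ...: 256 IP addresses (4 hosts up) scanned
"""

# Only the 3.2.8.1 tarball carried the CVE-2010-2075 backdoor.
VULNERABLE_VERSION = "3.2.8.1"

# Grepable port fields: port/state/proto/owner/service/sunrpc/version/
PORT_RE = re.compile(r"(\d+)/(\w+)/(\w+)/[^/]*/([^/]*)/[^/]*/([^/]*)/")


def parse_gnmap(text: str) -> List[Dict[str, object]]:
    """Return one record per port entry found in grepable Nmap output."""
    records: List[Dict[str, object]] = []
    for line in text.splitlines():
        if not line.startswith("Host:") or "Ports:" not in line:
            continue  # comment lines and Status-only lines carry no ports
        host = line.split()[1]
        ports_field = line.split("Ports:", 1)[1]
        for m in PORT_RE.finditer(ports_field):
            port, state, proto, service, version = m.groups()
            records.append({"host": host, "port": int(port), "proto": proto,
                            "state": state, "service": service,
                            "version": version.strip()})
    return records


def find_vulnerable_irc_hosts(records: List[Dict[str, object]]) -> List[str]:
    """Hosts with an open 6667/tcp whose banner is UnrealIRCd 3.2.8.1."""
    hits = {str(r["host"]) for r in records
            if r["port"] == 6667 and r["state"] == "open"
            and "unrealircd" in str(r["version"]).lower()
            and VULNERABLE_VERSION in str(r["version"])}
    return sorted(hits)


if __name__ == "__main__":
    for host in find_vulnerable_irc_hosts(parse_gnmap(SAMPLE_GNMAP)):
        print(f"patch or isolate {host}: UnrealIRCd {VULNERABLE_VERSION} on 6667/tcp")
```

A closed or filtered 6667 is ignored, and a newer UnrealIRCd banner is not flagged, so the output is a patch list rather than a list of every IRC server.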
5.2 Exploitation
Exploitation is when an attacker takes advantage of a vulnerability or weakness in a
system or software to gain unauthorized access, steal confidential information, or
compromise the integrity of a network. In this report, the
Metasploit framework has been used. However, there are many other
exploit databases available online. With the "search" command,
one can look up modules in the Metasploit framework. The attacker has two
choices: search for an exploit or search for a payload.
Figure 6: Searching available exploits
The "exploit" command was run to trigger the exploitation seen in the above
image. When "command shell session opened" appears, the exploit has succeeded;
before running it, the attacker sets the exploit's options so that it works.
5.3 Post Exploitation
The exploitation began with the "exploit" command, as demonstrated in the
figure above.
All users of the victim's device are listed using the 'ls' command, as shown in the preceding
figure. Then, one of the user passwords is modified, and if the password has been
correctly updated, the 'password' command can be seen in the figure.
Fig 13: Victim directory
The command "ls" is used to display the victim's directory listing. The whole set of files and folders on the
target device is shown, as in the screenshot above.
The 'nano' command is used to alter the victim's file. Once the editor is open, we begin
adding new lines to the file. The attacker, as seen in the figure, has inserted a
few more lines into the .txt file using the 'nano' command.
Fig 18: Content of file after editing (victim's terminal)
Because the attacker used the "nano" command, which allows the file to be changed, the
content of the file on the victim's device has been modified, as seen in the image above.
In the example above, the attacker used the 'uname -a' command to obtain the victim's system
information. The preceding figure is a genuine confirmation of the victim device's system data.
A firewall configuration may help prevent scanners from detecting the machine. It also
restricts the machine from connecting to other networks and hosts, making it far
more difficult for attackers to gain access to the system's data. Firewalls are also potentially
capable of blocking malware and zero-day attempts. To prevent unwanted
access to your servers, ensure that your firewall is properly configured and enabled.
7 Related Software
Metasploit is a robust open-source penetration testing tool for assessing the security of
both network and web applications. It can carry out the full engagement, as
evidenced by the fact that it has over 38,000 exploits. The tool is well known
for information gathering, target definition, exploitation, and reporting. The majority of the framework
is made up of exploits that operate on any platform (Linux, Windows, UNIX, SCO, Minix,
OSX, Solaris, and so on). Besides its pre-loaded exploits (scripts), the framework allows
penetration testers to create additional exploits. Apache HTTP Server, Microsoft
Internet Information Services (IIS), PHP, WordPress, OpenCart, and Magento are some
of the technologies covered.
Patches for all of the affected software are available to resolve this vulnerability.
Users are encouraged to update their software to the most recent version, which
includes the CVE-2010-2075 fix. It is also advised that additional security measures,
such as the use of a web application firewall, be adopted to reduce the risk of
exploitation.
10 References
I. Rapid7 (2022). UnrealIRCD 3.2.8.1 Backdoor Command Execution. [Online]
https://www.rapid7.com/db/modules/exploit/unix/irc/unreal_ircd_3281_backdoor/
[Accessed on July 24, 2022].
II. Radware (no date). IRC (Internet Relay Chat). [Online]
https://www.radware.com/security/ddos-knowledge-center/ddospedia/irc-internet-relay-chat/
[Accessed on July 24, 2022].
III. Upguard (2022). What is a vulnerability? [Online]
https://www.upguard.com/blog/vulnerability [Accessed on July 25, 2022].
IV. NIST (2 August 2022). CVE-2017-0143 detail. [Online]
https://nvd.nist.gov/vuln/detail/CVE-2017-0143
V. Lyon, G.F. (2009). Nmap Network Scanning: The Official Nmap Project Guide to Network
Discovery and Security Scanning. Insecure.Com LLC.
VI. SpeedGuide (no date). Port 6667 details. [Online]
https://www.speedguide.net/port.php?port=6667 [Accessed on July 25, 2022].
VII. Shostack, A. (2014). Threat Modeling: Designing for Security. John Wiley & Sons, Inc.