Alpine Linux docker has hard coded root password

tmjpugh · May 8, 2019, 10:44pm

Just in case some of you are using this

HA uses python base so no affect I think

https://talosintelligence.com/vulnerability_reports/TALOS-2019-0782

anon34565116 · May 8, 2019, 11:05pm

Hassio uses a Linux, I believe Alpine Linux, with Docker. Actually the report says it has NO root password.

hijinx · May 23, 2019, 5:00pm

Just came to post the same news

tmjpugh · May 23, 2019, 5:11pm

this is a problem with several Official docker images it seems.

Still, this is fairly local type exploit(physical access needed) unless paired with some other exploit correct? Although that’s not great either.

EDIT
I guess someone made a script to check this and there is a list

LIST

gist.github.com

https://gist.github.com/jgamblin/6015a2020c1de3bc3aab19b361573b7f

_nullroot52019.txt

18fgsa/s3-resource-simple - root:::0:::::
31z4/zookeeper - root:::0:::::
a5huynh/oauth2_proxy - root:::0:::::
acaleph/consul-alerts - root:::0:::::
aequitas/concourse-file-resource - root:::0:::::
alexwhen/docker-2048 - root:::0:::::
allinurl/goaccess - root:::0:::::
alpine/socat - root:::0:::::
anapsix/alpine-java - root:::0:::::
andyshinn/dnsmasq - root:::0:::::

This file has been truncated. show original

containers52019.txt

18fgsa/s3-resource-simple
1and1internet/blackbox_exporter
1and1internet/ubuntu-16-apache-php-5.6
1and1internet/ubuntu-16-apache-php-7.0
1and1internet/ubuntu-16-customerssh
1and1internet/ubuntu-16-nginx-php-5.6-wordpress-4
1and1internet/ubuntu-16-nginx-php-phpmyadmin-mariadb-10
1and1internet/ubuntu-16-nginx-php-phpmyadmin-mysql-5
1and1internet/ubuntu-16-php-7.1
31z4/zookeeper

This file has been truncated. show original

ARTICLE