Bug 2225392

Summary: Servers can expose an Rsync service on port 873
Product: Red Hat OpenStack Reporter: Ganesh Kadam <gkadam>
Component: openstack-tripleo-heat-templatesAssignee: OSP Team <rhos-maint>
Status: CLOSED DUPLICATE QA Contact: Joe H. Rahme <jhakimra>
Severity: urgent Docs Contact:
Priority: urgent    
Version: 16.2 (Train)CC: mburns, tkajinam
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2023-07-25 08:45:42 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ganesh Kadam 2023-07-25 08:08:17 UTC
Description of problem:

Servers can expose an Rsync service on port 873. If no hardening is done, any user
with a network access to the machine will be able to access the different data
exposed by the Rsync service leading to important data leak
10.91.209.251:873 open tcp rsync
10.91.205.184:873 open tcp rsync

The RSync service is exposed by the two following machines:
• cirp11ospctlfb201.infra.eu-muc-11.cloud.amadeus.net
• cirp12ospctlfa201.infra.eu-muc-12.cloud.amadeus.net
The service is unauthenticated and exposes the following directories:
• accounts
• containers
• objects


Version-Release number of selected component (if applicable):
RHOSP16.2

How reproducible:
Always

Actual results:
Bydefault VM Servers can expose an Rsync service on port 873 leading to security vulnerablity

Expected results:
RSYNC should be configured on some other port other than its default port

Additional info:

Comment 2 Takashi Kajinami 2023-07-25 08:45:42 UTC
This is duplicate of bz 2219698 .

*** This bug has been marked as a duplicate of bug 2219698 ***