If a low privilege user were to exploit this vulnerability, they could potentially install a malicious DLL and run it with SYSTEM privileges. By doing this, the malicious DLL would have full control of the affected system. Dell has provided the following FAQ to help address these vulnerabilities: What you should do - Update your system to the latest available version.
- Install the DELL Software application to check for and install updates to your system.
- Apply the appropriate amount of protections such as user permissions, antivirus, firewall, etc.
- Keep your antivirus updated to the latest version.
- Keep your operating system updated to the latest version.
- Keep your software updated to the latest version.
- Keep your network connections secure.
The update advisory can be found on the following Dell website: https://support.dell.com/support/topics/global/en/01/systems/f/91/vulnerabilities/Dell_GeoDrive_2_2.aspx
Nmap scan report for drvnd.com.br:
Host is up (0.020s latency). chin-drvnd.com.br PORT service attempted to connect to Port: 23/tcp, Port Range: 23/tcp, Port Service: ssh (SOCK 4) SERVICE service attempted to connect to Port: 21/tcp, Port Range: 21/tcp, Port
Nmap scan report for drvnd.com.br (24/09/2018)
PORT STATE SERVICE 23/tcp open ssh 80/tcp open http
| drvnd.com.br: |_ Sent 206 packets over a period of 3 seconds, received 1, sent 205, dropped 0, bad-recv 0, bad-sent 205 |
|_ Service Info: OS: Linux 2.6.32-5-default (i686) IP Address: 192.168.1.2 OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3
Service Info: OS CPE Service Details Unavailable
Service Info: OS CPE Service Details Unavailable
Service Info: OS CPE Service Details Unavailable
Service Info: OS CPE Service Details Unavailable
Service Info: OS CPE Service Details Unavailable
Detect DRBD vulnerability using Nmap and Nexpose
Nmap scan report for drvnd.com.br (10.101.2.130):
Host is up (0.020s latency). chin-drvnd.com.br PORT service attempted to connect to Port: 23/tcp, Port Range: 23/tcp, Port Service: ssh (SOCK 4) SERVICE service attempted to connect to Port: 21/tcp, Port Range: 21/tcp
Timeline
Published on: 10/12/2022 20:15:00 UTC
Last modified on: 10/14/2022 14:15:00 UTC