struts2 代码执行 （CVE-2020-17530）启动报错

[smartzh]

worker_celery.log报错信息

docker.errors.APIError: 500 Server Error: Internal Server Error ("driver failed programming external connectivity on endpoint awesome_mccarthy (aab6b13af236bc6dad77b2fddeaf8176234b024c46f9de247f5d58fb6ec45221): invalid transport protocol: 0")

操作系统： Operating System: CentOS Linux 7 (Core) OSType: linux Architecture: x86_64

内核版本：

Kernel Version: 3.10.0-1127.el7.x86_64

Python 环境版本：

(venv_py) [root@vulfocus log]# python Python 3.8.3 (default, May 19 2020, 18:47:26) [GCC 7.3.0] :: Anaconda, Inc. on linux Type "help", "copyright", "credits" or "license" for more information.

Vulfocus 版本：

Vulfocus 0.3.2.4

详细报错信息或堆栈报错信息：

[2021-06-20 22:40:08,507: INFO/MainProcess] Received task: tasks.run_container[150dea78-0d62-4977-b0b2-510d034790ef]
[2021-06-20 22:40:08,639: ERROR/ForkPoolWorker-1] Task tasks.run_container[150dea78-0d62-4977-b0b2-510d034790ef] raised unexpected: APIError(HTTPError('500 Server Error: Internal Server Error for url: http+docker://localhost/v1.35/containers/5e68016084cbef382a0b90de0d62c8214a2519e4a19b715c610e71014de24d33/start')) Traceback (most recent call last): File "/data/venv_py/lib/python3.8/site-packages/docker/api/client.py", line 261, in _raise_for_status response.raise_for_status() File "/data/venv_py/lib/python3.8/site-packages/requests/models.py", line 941, in raise_for_status raise HTTPError(http_error_msg, response=self) requests.exceptions.HTTPError: 500 Server Error: Internal Server Error for url: http+docker://localhost/v1.35/containers/5e68016084cbef382a0b90de0d62c8214a2519e4a19b715c610e71014de24d33/start

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "/data/venv_py/lib/python3.8/site-packages/celery/app/trace.py", line 385, in trace_task R = retval = fun(*args, kwargs) File "/data/venv_py/lib/python3.8/site-packages/celery/app/trace.py", line 650, in __protected_call__ return self.run(args, kwargs) File "/data/web/vulfocus-api/tasks/tasks.py", line 325, in run_container docker_container = client.containers.run(image_name, ports=port_dict, detach=True) File "/data/venv_py/lib/python3.8/site-packages/docker/models/containers.py", line 791, in run container.start() File "/data/venv_py/lib/python3.8/site-packages/docker/models/containers.py", line 392, in start return self.client.api.start(self.id, kwargs) File "/data/venv_py/lib/python3.8/site-packages/docker/utils/decorators.py", line 19, in wrapped return f(self, resource_id, args, kwargs) File "/data/venv_py/lib/python3.8/site-packages/docker/api/container.py", line 1091, in start self._raise_for_status(res) File "/data/venv_py/lib/python3.8/site-packages/docker/api/client.py", line 263, in _raise_for_status raise create_api_error_from_http_exception(e) File "/data/venv_py/lib/python3.8/site-packages/docker/errors.py", line 31, in create_api_error_from_http_exception raise cls(e, response=response, explanation=explanation) docker.errors.APIError: 500 Server Error: Internal Server Error ("driver failed programming external connectivity on endpoint optimistic_shaw (1fec26044cfadbc4073cf289a464712b7b56e86ea24fa2082886b00cebeb0749): invalid transport protocol: 0")

[xxxxbxxxxx]

只有这个环境出现问题吗？

[smartzh]

目前只发现这个docker有问题，其他docker正常

[smartzh]

我在http://vulfocus.fofa.so/也测试了，这个docker也启动不了

[xxxxbxxxxx]

好的，我们会排查 CVE-2020-17530 漏洞环境

[vest12385]

根據我的經驗是docker image 設定錯誤沒有expose port, 導致create container後沒辦法正常start container

[smartzh]

2.3.7版本正常了，谢谢