Weblate: Open port leads to information disclosure

2017-04-24T12:25:25
ID H1:223421
Type hackerone
Reporter str33
Modified 2018-09-10T09:40:40

Description

Open port 10022 leads to disclosure of open-ssh version and current Debian version being used.

POC- 1. I performed an nmap scan ( nmap -A -T4 -p- weblate.org) 2. I saw the port 10022 was open and I did a telnet connect to the port. 3. As soon as I did the telnet connect it returned me the openssh version and the debian version (check the .png file) 4.I wasn't able to run any sort of commands as whatever I typed returned a protocol mismatch error.

This doesn't necessarily mean a security issue as long as everything is being patched regularly.