
Task #157 (Closed): Unauthorized Disclosure of Other Users' Disk Usage
Opened by: benkemalgeliyorum

Task Description

Vulnerability Name:

Information Disclosure – Visibility of Other Tenants’ Disk Usage in Shared Hosting Environment

Category:

Information Disclosure / Multi-Tenant Isolation Failure

Risk Level:

Medium
(While not directly exploitable for privilege escalation, it exposes useful intelligence for targeted attacks and reconnaissance.)

Description:

During the assessment of a shared hosting environment, it was discovered that a tenant is able to retrieve detailed disk usage statistics of other isolated user environments using the df -h command. This command returns mounted paths, storage consumption, and free space of all user directories (e.g., /home/otheruser), which should typically be restricted in a multi-tenant environment.

Example output:

$ df -h | grep /home
http16.paris1:/username         3.4T  2.6T  873G  75% /home/username
http14.paris1:/username            3.4T  494G  3.0T  15% /home/username
http13.paris1:/username            3.4T  2.5T  994G  72% /home/username
...

This visibility allows an unauthorized user to:

Enumerate other tenants or hosted projects

Gain insight into storage usage patterns (e.g., usage-heavy customers, inactive tenants)

Perform targeted social engineering or brute-force attacks
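A check that turns the observation above into something an operator can run from an ordinary tenant shell, added here as an example and not part of the original report: it parses `df -h` output in the format shown and lists every /home/<user> mount that belongs to someone other than the caller. The sample output, host names and tenant names (tenant-a, tenant-b, tenant-c) are constructed; on an exposed host the list should be empty for every tenant.

```python
"""Cross-tenant mount visibility check.

Added example, not part of the original report. Parses `df -h` output in
the format the report shows and lists every /home/<user> mount that belongs
to a tenant other than the one running the check. All sample values and
tenant names below are constructed.
"""
import re
from typing import List, NamedTuple


class HomeMount(NamedTuple):
    source: str      # remote export or block device (e.g. http16.paris1:/tenant-a)
    size: str
    used: str
    avail: str
    use_pct: int
    mountpoint: str  # /home/<owner>
    owner: str       # the <owner> component of the mount point


# Constructed `df -h` output mimicking the report's format (header included,
# as a real run would print it). tenant-b is the tenant running the check.
SAMPLE_DF = """\
Filesystem                       Size  Used Avail Use% Mounted on
http16.paris1:/tenant-a          3.4T  2.6T  873G  75% /home/tenant-a
http14.paris1:/tenant-b          3.4T  494G  3.0T  15% /home/tenant-b
http13.paris1:/tenant-c          3.4T  2.5T  994G  72% /home/tenant-c
/dev/sda1                         50G   20G   28G  42% /
"""

# Only direct children of /home count as tenant homes: /home/<name>, nothing deeper.
_HOME_RE = re.compile(r"^/home/([^/\s]+)$")


def parse_home_mounts(df_output: str) -> List[HomeMount]:
    """Return the /home/<user> entries found in `df -h` style output."""
    mounts = []
    for line in df_output.splitlines():
        parts = line.split()
        # Data rows have exactly six columns; the header has seven ("Mounted on").
        if len(parts) != 6:
            continue
        source, size, used, avail, use_pct, mountpoint = parts
        match = _HOME_RE.match(mountpoint)
        if not match:
            continue
        mounts.append(HomeMount(source, size, used, avail,
                                int(use_pct.rstrip("%")), mountpoint, match.group(1)))
    return mounts


def foreign_home_mounts(df_output: str, me: str) -> List[HomeMount]:
    """Mounts of other tenants' homes visible in this view; should be empty."""
    return [m for m in parse_home_mounts(df_output) if m.owner != me]


def isolation_ok(df_output: str, me: str) -> bool:
    """True when the view exposes no home directory other than the caller's own."""
    return not foreign_home_mounts(df_output, me)


if __name__ == "__main__":
    # Replace SAMPLE_DF with subprocess.run(["df", "-h"], capture_output=True,
    # text=True).stdout to test a live host from a tenant account.
    for leak in foreign_home_mounts(SAMPLE_DF, "tenant-b"):
        print(f"LEAK: {leak.mountpoint} ({leak.used}/{leak.size}, {leak.use_pct}%) "
              f"exported from {leak.source}")
    print("isolation ok" if isolation_ok(SAMPLE_DF, "tenant-b") else "isolation FAILED")
```

Run it once per tenant account after changing the mount layout; a non-empty result for any account means the per-tenant view is still leaking, whatever `df` itself is allowed to do.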

Impact:

Tenant Enumeration: Other users’ directories are exposed.

Reconnaissance Enhancement: Adversaries can prioritize targets based on usage size.

Privacy Violation: Hosting provider may violate customer expectations or compliance agreements.

Shared Resource Leakage: Confirms existence and usage of specific customers or internal projects.

Recommendation:

Filesystem Namespace Isolation
Use Linux namespaces or containerization to ensure per-tenant views of mounted volumes.

Restrict Sensitive Binaries
Limit use of df, mount, or /proc/mounts for non-root users via AppArmor/SELinux or shell restrictions.

Audit Hosting Configuration
Revisit NFS/remote mount policies. Do not globally mount storage pools unless required.

Monitoring & Detection
Log and alert on suspicious usage of commands like df, ls /home, or du by non-privileged users.
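A detection rule of the kind the last recommendation asks for, added as an example and not part of the original report: it correlates auditd SYSCALL and EXECVE records by their audit serial and flags `df` or `du`, or `ls` aimed at /home or at another tenant's home directory, whenever the caller is a non-privileged uid. The audit lines, uids and tenant names are constructed, and the uid-to-tenant map is an assumption (a real deployment would take it from the hosting control panel or the passwd database).

```python
"""Detection of cross-tenant reconnaissance commands in auditd records.

Added example, not part of the original report. It correlates SYSCALL and
EXECVE records by audit serial and flags df/du, or ls pointed at /home or at
another tenant's home, when run by a non-privileged uid. The log lines, uids
and tenant names are constructed; the uid-to-tenant map is an assumption.
"""
import re
from collections import defaultdict
from typing import Dict, List, Optional

KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')
MSG_RE = re.compile(r"msg=audit\((\d+\.\d+):(\d+)\)")

UNPRIVILEGED_UID_MIN = 1000          # conventional first regular-user uid
RECON_COMMANDS = {"df", "du"}        # flagged regardless of arguments
UID_TO_TENANT: Dict[int, str] = {1001: "tenant-a", 1002: "tenant-b"}  # assumed mapping

# Constructed sample records in auditd's native format (not real logs).
SAMPLE_AUDIT = """\
type=SYSCALL msg=audit(1700000000.101:2001): arch=c000003e syscall=59 success=yes exit=0 ppid=4000 pid=4001 auid=1001 uid=1001 gid=1001 comm="df" exe="/usr/bin/df" key="tenant-recon"
type=EXECVE msg=audit(1700000000.101:2001): argc=2 a0="df" a1="-h"
type=SYSCALL msg=audit(1700000000.205:2002): arch=c000003e syscall=59 success=yes exit=0 ppid=1 pid=4010 auid=0 uid=0 gid=0 comm="df" exe="/usr/bin/df" key="tenant-recon"
type=EXECVE msg=audit(1700000000.205:2002): argc=2 a0="df" a1="-h"
type=SYSCALL msg=audit(1700000000.310:2003): arch=c000003e syscall=59 success=yes exit=0 ppid=4100 pid=4101 auid=1002 uid=1002 gid=1002 comm="ls" exe="/usr/bin/ls" key="tenant-recon"
type=EXECVE msg=audit(1700000000.310:2003): argc=3 a0="ls" a1="-la" a2="/home"
type=SYSCALL msg=audit(1700000000.420:2004): arch=c000003e syscall=59 success=yes exit=0 ppid=4100 pid=4102 auid=1002 uid=1002 gid=1002 comm="ls" exe="/usr/bin/ls" key="tenant-recon"
type=EXECVE msg=audit(1700000000.420:2004): argc=2 a0="ls" a1="/home/tenant-b"
type=SYSCALL msg=audit(1700000000.530:2005): arch=c000003e syscall=59 success=yes exit=0 ppid=4100 pid=4103 auid=1002 uid=1002 gid=1002 comm="ls" exe="/usr/bin/ls" key="tenant-recon"
type=EXECVE msg=audit(1700000000.530:2005): argc=2 a0="ls" a1="/home/tenant-c"
type=SYSCALL msg=audit(1700000000.640:2006): arch=c000003e syscall=59 success=yes exit=0 ppid=4100 pid=4104 auid=1002 uid=1002 gid=1002 comm="cat" exe="/usr/bin/cat" key="tenant-recon"
type=EXECVE msg=audit(1700000000.640:2006): argc=2 a0="cat" a1="/etc/hostname"
"""


def parse_audit(text: str) -> List[dict]:
    """Group SYSCALL/EXECVE records that share an audit serial into one event."""
    events: Dict[int, dict] = defaultdict(dict)
    for line in text.splitlines():
        m = MSG_RE.search(line)
        if not m:
            continue
        serial = int(m.group(2))
        fields = {k: v.strip('"') for k, v in KV_RE.findall(line)}
        ev = events[serial]
        ev.setdefault("serial", serial)
        ev.setdefault("timestamp", float(m.group(1)))
        if fields.get("type") == "SYSCALL":
            ev["uid"] = int(fields.get("uid", -1))
            ev["comm"] = fields.get("comm", "")
            ev["exe"] = fields.get("exe", "")
        elif fields.get("type") == "EXECVE":
            argc = int(fields.get("argc", 0))
            ev["argv"] = [fields.get(f"a{i}", "") for i in range(argc)]
    return [events[s] for s in sorted(events)]


def _foreign_home_args(argv: List[str], own: Optional[str]) -> List[str]:
    """Arguments naming /home itself or a home directory other than the caller's."""
    own_path = f"/home/{own}" if own else None
    hits = []
    for arg in argv[1:]:
        if arg == "/home":
            hits.append(arg)
        elif arg.startswith("/home/"):
            # Unknown uid: treat every /home/<x> as foreign rather than miss it.
            if own_path is None or not (arg == own_path or arg.startswith(own_path + "/")):
                hits.append(arg)
    return hits


def detect_recon(events: List[dict], uid_to_tenant: Dict[int, str]) -> List[dict]:
    """Return one alert per event matching the recon rule."""
    alerts = []
    for ev in events:
        uid = ev.get("uid", -1)
        if uid < UNPRIVILEGED_UID_MIN:
            continue  # root and system accounts are outside this rule's scope
        comm, argv = ev.get("comm", ""), ev.get("argv", [])
        reason = None
        if comm in RECON_COMMANDS:
            reason = f"{comm} executed by unprivileged uid {uid}"
        elif comm == "ls":
            hits = _foreign_home_args(argv, uid_to_tenant.get(uid))
            if hits:
                reason = f"ls over {', '.join(hits)} by uid {uid}"
        if reason:
            alerts.append({"serial": ev["serial"], "timestamp": ev["timestamp"],
                           "uid": uid, "argv": argv, "reason": reason})
    return alerts


if __name__ == "__main__":
    for alert in detect_recon(parse_audit(SAMPLE_AUDIT), UID_TO_TENANT):
        print(f"[{alert['timestamp']:.3f}] serial={alert['serial']} {alert['reason']}: "
              f"{' '.join(alert['argv'])}")
```

Records of this shape come from an execve audit rule restricted to logged-in users, for example `-a always,exit -F arch=b64 -S execve -F auid>=1000 -F auid!=4294967295 -k tenant-recon` (standard auditctl syntax; whether it fits an existing rule set is an assumption). The rule is deliberately narrow: it does not flag `ls` of a tenant's own directory, so it stays quiet on ordinary use and fires on the enumeration pattern the report describes.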

References:
