Quantcast
Channel: ubuntu – Ayr
Viewing all articles
Browse latest Browse all 4

The last 3 *nix vulnerabilities you should be aware

0
0

First, your server and workstation should be all right if you have all the last security updates. So, there’s no need to panic. 🙂

Secondly, this is my personal option based on the daily things I have seen from the middle of the year 2015 to now. This post is for advanced users that handle many servers on a regular basis.

Let’s start with the micro review.

CVE-2016-0728 – The local privilege escalation vulnerability in the Linux kernel:

 

Privilege escalation vulnerabilities aren’t very common with GNU/Linux distributions. Especially because the daemons and process usually don’t run at the top of the root user.

Since Shellshock, we do not see big bugs of this type:

http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/

 

CVE-2016-0777 and CVE-2016-0778 – The roaming feature for SSH clients:

 

We see server sides vulnerabilities every time during the management duties. What about a client side issue that makes you vulnerable while accessing a server?

If you run SSH on the wrong server and have the UseRoaming feature active (that is, by default) someone could steal your SSH private key:

https://www.digitalocean.com/community/questions/openssh-client-bug-cve-2016-0777-and-cve-2016-0778

 

CVE-2015-7547 – THE DNS exploit

 

This one caused sleepless nights of many engineers in late 2015.

Considered the bug that caused the 3th worst DDoS attack to DNS Root Servers the history of the Internet it caused DNS resolutions errors for the most part of the planet triggering intermittent instability for internet service providers and hosting providers everywhere for months.

mother of good

 

No more comments on this one:

https://blog.cloudflare.com/a-tale-of-a-dns-exploit-cve-2015-7547/

http://root-servers.org/news/events-of-20151130.txt 

Bonus:

This one is not new but started to be an issue again recently with the popularization of private networks accessible only via SSH Tunnels due to lack of IPv4:
https://www.clockwork.com/news/2012/09/28/602/ssh_agent_hijacking

 

Feel free to post at the comments your personal rank.

Thanks!


Viewing all articles
Browse latest Browse all 4

Latest Images

Trending Articles





Latest Images