Thursday, January 27, 2022

These critical security bugs put Linux servers at risk of attack

Researchers have discovered that Control Web Panel (CWP), a popular web hosting management software, carried two flaws that, when chained together, lead to a remote code execution (RCE) vulnerability on certain Linux-powered servers.

A report from Octagon Networks researcher Paulos Yibelo details two vulnerabilities in CWP - CVE-2021-45467 and CVE-2021-45466. CWP supports CentOS, Rocky Linux, Alma Linux, and Oracle Linux.

The blog post gets very technical on the vulnerabilities, but long story short - some parts of the CWP panel are exposed in the webroot without authentication.

Exposed

“Turns out, not a lot is exposed,” the blog post concludes. 

Yibelo said the team will release a full proof-of-concept for red teams that achieves preauth RCE once enough servers migrate to the latest versions and thus mitigate the threat.

It's been a tough week for Linux fans, after researchers from Qualys also recently identified a decade-old “extremely severe” vulnerability affecting every major distro for the operating system (OS).

Mitigating high severity threats

The vulnerability, “hiding in plain sight” for more than 12 years, is a memory corruption in polkit’s pkexec. 

As explained by the researchers, pkexec is an SUID-root program, installed by default. Malicious actors could exploit the bug to gain full root privileges on the target machine, and then do as they please - even install malware or ransomware.

Also recently, a high severity vulnerability was found in Ubuntu, allowing malicious actors to crash the system, or run software in administrator mode. 

The vulnerability, tracked as CVE-2022-0185, allegedly affects all of the Ubuntu releases that are still being supported. That includes Ubuntu 21.10 Impish Indri with Linux kernel 5.13, Ubuntu 21.04 Hirsute Hippo with Linux kernel 5.11, Ubuntu 20.04 LTS Focal Fossa, and Ubuntu 18.04 LTS Bionic Beaver, both with Linux kernel 5.4 LTS.

As usual, admins are urged to update their systems to the latest version as soon as possible.

Via: ThreatPost



from TechRadar - All the latest technology news https://ift.tt/3INs4k5
