Categories
Internet Security Uncategorized

Time to Install apt-transport-https !!!

Add Your Heading Text Here

Share it:

The apt-get utility that can be exploited by a remote, man-in-the middle attacker to compromise Linux machines.

The flaw, apparently, once again demonstrates that if the software download ecosystem uses HTTPS to communicate safely, such attacks can easily be mitigated at the first place.

The APT utility doesn’t properly sanitize certain parameters during HTTP redirects, allowing man-in-the-middle attackers to inject malicious content and trick the system into installing altered packages.

APT HTTP redirects help Linux machines to automatically find suitable mirror server to download software packages when others are unavailable.

If the first server somehow fails, it returns a response with the location of next server from where the client should request the package.

A malicious mirror—can inject malicious packages in the network traffic and execute arbitrary code on the targeted system with the highest level of privileges, i.e. root.

Since apt-get is part of many major Linux distributions including Debian and Ubuntu, who have also acknowledged the flaw and released security updates, it is highly recommended for Linux users to update their systems as soon as possible.

source: THN

Categories
Uncategorized

Systemd Privelege Escalation Flaw Affects Debian and Redhat Users

Add Your Heading Text Here

Share it:

Security researchers have discovered three vulnerabilities in Systemd, a popular init system and service manager for most Linux operating systems, that could allow unprivileged local attackers or malicious programs to gain root access on the targeted systems.

The vulnerabilities, assigned as CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866, actually resides in the “systemd-journald” service that collects information from different sources and creates event logs by logging information in the journal.

The vulnerabilities, which were discovered and reported by security researchers at Qualys, affect all systemd-based Linux distributions, including Redhat and Debian, according to the researchers.

The first two flaws are memory corruptions issues, while the third one is an out-of-bounds read issue in systemd-journald that can leak sensitive process memory data.

If you are using a vulnerable Linux system, keep tabs on the latest updates by your respective Linux distribution and install the patches as soon as they are released.

Source: theHackernews