Rsync remote attack-CVE-2014-9512

rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path.

 

Timeline

January 5, 2015 MITRE reserved CVE
February 12, 2015 NVD published advisory

Authority references

Vendor & other references

GHOST: glibc vulnerability (CVE-2015-0235)

Background Information

GHOST is a ‘buffer overflow’ bug affecting the gethostbyname() and gethostbyname2() function calls in the glibc library. This vulnerability allows a remote attacker that is able to make an application call to either of these functions to execute arbitrary code with the permissions of the user running the application.

Impact

The gethostbyname() function calls are used for DNS resolving, which is a very common event. To exploit this vulnerability, an attacker must trigger a buffer overflow by supplying an invalid hostname argument to an application that performs a DNS resolution.

A list of affected Linux distros

  • RHEL (Red Hat Enterprise Linux) version 5.x, 6.x and 7.x
  • CentOS Linux version 5.x, 6.x & 7.x
  • Ubuntu Linux version 10.04, 12.04 LTS
  • Debian Linux version 7.x
  • Linux Mint version 13.0
  • Fedora Linux version 19 or older
  • SUSE Linux Enterprise 11 and older (also OpenSuse Linux 11 or older versions).
  • SUSE Linux Enterprise Software Development Kit 11 SP3
  • SUSE Linux Enterprise Server 11 SP3 for VMware
  • SUSE Linux Enterprise Server 11 SP3
  • SUSE Linux Enterprise Server 11 SP2 LTSS
  • SUSE Linux Enterprise Server 11 SP1 LTSS
  • SUSE Linux Enterprise Server 10 SP4 LTSS
  • SUSE Linux Enterprise Desktop 11 SP3
  • Arch Linux glibc version <= 2.18-1

Resolution

Update the glibc and nscd packages on your system using:

Fix for Centos/RHEL/Fedora 5,6,7:

  •  yum update glibc
  • Restart ALL running services or reboot the server as an alternative.

Fix for Ubuntu:

  • sudo apt-get clean
  • sudo apt-get update
  • sudo reboot

The POODLE Attack – SSL 3.0 Protocol Vulnerability (CVE-2014-3566)

Systems Affected

All systems and applications utilizing the Secure Socket Layer (SSL) 3.0 with cipher-block chaining (CBC) mode ciphers may be vulnerable. However, the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack demonstrates this vulnerability using web browsers and web servers, which is one of the most likely exploitation scenarios.

 

Solution

There is currently no fix for the vulnerability SSL 3.0 itself, as the issue is fundamental to the protocol; however, disabling SSL 3.0 support in system/application configurations is the most viable solution currently available.

 

** Updates available: RHEL/CentOS/RPM based OS:

yum -y update openssl

** You MUST disable SSLv3 in all used services (httpd, mail, etc) , The update just prevents the downgrading but the protocol itself is still vulnerable.

Can I add more RAM to my 32 bit Operating System (OS)?

Some 32 bit Operating Systems (OS) limit the amount of RAM they will support. Exceeding that limit may contribute to a number of problems. Therefore it is not supported. Upgrading to a 64 bit Operating Systems (OS) is recommended. A list of 32 bit Operating Systems (OS) with limited RAM is below.

 

Operating System (OS)

Bit

RAM Limit (GB)

CloudLinux 5 32 bit 64
CloudLinux 6 32 bit 8
Debian 6 32 bit 32
RHEL/CentOS 5 Minimal/LAMP 32 bit 64
RHEL/CentOS 6 Minimal/LAMP 32 bit 16
Ubuntu 8.04 LTS 32 bit 64
Ubuntu 10.04 LTS 32 bit 64
Ubuntu 12.04 LTS 32 bit 64

How to increase /tmp partition size on a non-control panel server

Stop Apache and MySQL services.

# /etc/init.d/httpd stop; /etc/init.d/mysql stop

Take a backup of /tmp

# cp -rp /tmp /tmp.bak

Create a partition of 2GB using the below command

# dd if=/dev/zero of=/usr/temp-disk bs=2M count=1024

Create the file system on it using the mke2fs command

# mke2fs -j /usr/temp-disk

Unmount the current /tmp partition

# umount /tmp

Mount the new /tmp filesystem using the below command

# mount -t ext3 -o rw,noexec,nosuid,loop /usr/temp-disk /tmp

Set the correct permission for /tmp

# chmod 1777 /tmp

To verify the partition, execute:

# mount

Restore the content of old /tmp.bkp directory

# cp -rp /tmp.bak/* /tmp

Start Apache and MySQL services.

# /etc/init.d/httpd start; /etc/init.d/mysql start

To make sure this partition is mounted automatically after every reboot, edit the /etc/fstab and replace /tmp entry line with the following one.

/usr/temp-disk /tmp ext3 rw,noexec,nosuid,loop 0 0

How to generate a Strong Password

Overview

Creating and using strong passwords is an important part of your server security.

NOTE:

If your old password was compromised, make sure that your new password is very different from your old one.

Things to include

  1. At least eight characters.
  2. One or more of each of the following:
    • lower-case letter
    • upper-case letter
    • number
    • punctuation mark
  3. Lookalike characters to protect against password glimpses. Examples:
    • O as in Oscar and the number 0.
    • Lower-case l and upper-case I.
    • The letter S and the $ sign.

Things to avoid

  1. Words you can find in the dictionary.
  2. Passwords shown as “example strong passwords.”
  3. Personal information, such as names and birth dates.
  4. Keyboard patterns, like qwerty or 12345. Particularly avoid sequences of numbers in order.
  5. Common acronyms.
  6. All one type of character – such as all numbers, all upper-case letters, all lower-case letters, etc.
  7. Repeating characters, such as mmmm3333.
  8. The same password you use for another application.

Memorable password tips

While passwords that are easy for you to remember are also less secure than a completely random password, following these tips can help you find the right balance between convenience for you and difficulty for hackers.

  1. Create a unique acronym for a sentence or phrase you like.
  2. Include phonetic replacements, such as ‘Luv 2 Laf’ for ‘Love to Laugh.’
  3. Jumble together some pronounceable syllables, such as ‘iv,mockRek9.’

Keep your password secret

  1. Never tell your password to anyone (this includes significant others, roommates, coworkers, etc.). If you need to grant someone access to your server, set up a separate username and password for that person.
  2. Never write your password down, especially not anywhere near your computer.
  3. Do not store your password in a plain text file on your computer.
  4. Never send your password over an unecrypted connection – including unencrypted email.
  5. Periodically test your current password.
  6. Update your password every six months.

Third-party tools

Password generators

Password strength tests

Password storing tools

Welcome to our blog

This blog will cover the following topics:

  • Attacker.NET offers & News
  • Security Advisories
  • Tutorials & How-To’s
  • Genetal IT news, Issues and Best practices