Home Online Business Apache HTTP Server and Linux Kernel Vulnerabilities | Linode

Apache HTTP Server and Linux Kernel Vulnerabilities | Linode

0
Apache HTTP Server and Linux Kernel Vulnerabilities | Linode

[ad_1]

On this week’s digest, we are going to focus on the next:

  • Apache HTTP server vulnerabilities;
  • a Linux Kernel Netfilter Integer Overflow vulnerability; and
  • CentOS Internet Panel 7 RCE

Apache HTTP Server Vulnerabilities:

If a carefully-crafted request header can carry out a reminiscence learn or write of a single zero byte in a heap reminiscence location past the header worth despatched, it may trigger the method to crash. This challenge impacts Apache HTTP Server 2.4.54 and earlier, so improve to 2.4.55 to mitigate.

Inconsistent interpretation of HTTP Requests (‘HTTP Request Smuggling’) vulnerability in mod_proxy_ajp of Apache HTTP Server permits an attacker to smuggle requests to the AJP server to which it forwards requests. This challenge impacts Apache HTTP Server 2.4 model 2.4.54 and prior variations, so improve to 2.4.55 to patch this vulnerability.

  • CVE-2022-37436 mod_proxy previous to 2.4.55 permits a backend to set off HTTP response splitting 

The software program doesn’t accurately course of CRLF character sequences, that are end-of-line characters. Attackers can ship a crafted HTTP packet with a CRLF sequence, inflicting early truncation of the response headers and incorporating some headers into the response physique. If the later headers have any safety function, they won’t be interpreted by the consumer. This challenge impacts Apache HTTP Server 2.4.54 and prior variations, so improve to 2.4.55 to patch this vulnerability. 

Linux Kernel Netfilter Integer Overflow Vulnerability

CVE-2023-0179  consists of stack buffer overflow on account of integer underflow vulnerability inside the nft_payload_copy_vlan perform, which is invoked with nft_payload expressions so long as a VLAN tag is current within the present socket buffer. RedHat gave this vulnerability a CVSS v3 rating of seven.8, which impacts machines which might be on the most recent distro variations reminiscent of Ubuntu Jammy, Debian Bullseye, Rocky Linux 9, or machines with a kernel model 5.10 LTS. This vulnerability doesn’t have an effect on Debian buster. 

Mitigate this flaw by disabling unprivileged consumer namespaces stopping exploitation:

sysctl -w kernel.unprivileged_userns_clone = 0

Centos Internet Panel 7 Distant Code Execution Vulnerability

CVE-2022-44877 is a vital vulnerability that impacts any CWP under model 0.9.8.1147 and is being exploited within the wild. This vulnerability exists within the login/index.php in CWP and permits distant attackers to execute arbitrary OS instructions through shell metacharacters within the login parameter. Researchers launched a PoC for this vulnerability to GitHub and Youtube on January fifth, 2023, resulting in elevated exploitation by menace actors. To mitigate this menace, replace to the newest model, v0.9.8.1148, as this impacts Centos Internet Panel 7 < v0.9.8.1147.

[ad_2]

LEAVE A REPLY

Please enter your comment!
Please enter your name here