Network configuration in Ubuntu 18.04 LTS using netplan

From Ubuntu 18.04 onwards, IP addresses are configured differently from earlier releases. Compared with previous versions, Ubuntu now uses a new command line network configuration utility called Netplan to configure IP addresses.

Netplan was introduced by Ubuntu developers in Ubuntu 17.10. With it, the “interfaces” file is no longer used to configure IP addresses; the configuration is instead done in YAML files, with the default configuration files located under the /etc/netplan/ directory. In this blog, we will look at how to configure static and dynamic IP addresses on an Ubuntu 18.04 LTS server.


CVE-2017-5638: Apache Struts 2 Vulnerability

Apache Struts 2 is an open-source development framework for Java applications.
On March 6th, 2017, a vulnerability in Apache Struts 2, tracked as CVE-2017-5638, was made public. It allows an attacker to achieve remote code execution through a malicious Content-Type header.
The vulnerability can be exploited when the attacker sends a file upload request to a vulnerable server that uses the Jakarta-based plugin to process the upload.
The attacker places malicious code in the Content-Type header of that request, which is then executed as a command on the vulnerable server.
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 mishandles file upload, which allows remote attackers to execute arbitrary commands via a #cmd= string, as exploited in the wild in March 2017.

Solution
===========
Both Cisco and Apache researchers asked administrators to upgrade their systems to Apache Struts version 2.3.32 or 2.5.10.1.


How to Fix Dirty Cow Vulnerability – CVE-2016-5195

A serious vulnerability named Dirty COW was recently discovered in the Linux kernel. The flaw is said to have existed for nine years (since kernel version 2.6.22 in 2007) and to have gone unnoticed throughout that time. It was discovered by security researcher Phil Oester.

According to him, the vulnerability is a race condition in the way the Linux kernel’s memory subsystem handles the copy-on-write (COW) breakage of private read-only memory mappings. By exploiting it, an attacker gains write access to otherwise read-only memory mappings, which paves the way to increased privileges on the system.

DROWN Attack – SSLv2 Vulnerability

In March 2016, security researchers identified a new OpenSSL vulnerability called DROWN (Decrypting RSA with Obsolete and Weakened Encryption). The attack targets servers that use the more secure TLS protocol but also still support the obsolete SSLv2. It allows an attacker to decrypt TLS-encrypted communication if the server supports SSLv2 ciphers.

DROWN was assigned the id CVE-2016-0800 and was listed in the US-CERT bulletin for March 2016 (https://www.us-cert.gov/ncas/bulletins/SB16-067).

More than 11 million websites that use TLS were vulnerable to the DROWN attack. If your website is protected by TLS and your server directly or indirectly supports the older SSLv2, you are also vulnerable, and an attacker may exploit it to obtain sensitive information such as user names, passwords, financial credentials and important documents.