Phone : +91 95 8290 7788 | Email : sales@itmonteur.net

Register & Request Quote | Submit Support Ticket

Home » Cyber Security News » Critical RCE Flaw in Linux APT Allows Remote Attackers to Hack Systems

Critical RCE Flaw in Linux APT Allows Remote Attackers to Hack Systems

Just in time…

Cybersecurity experts this week fighting over Twitter in favor of not using HTTPS and suggesting software developers to only rely on signature-based package verification just because APT on Linux also does the same.

Just today, a security researcher revealed details of a critical remote code execution flaw in Linux APT, exploitation of which could have been mitigated if the software download manager was strictly using HTTPS to communicate securely.

Discovered by Max Justicz, the vulnerability (CVE-2019-3462) resides in the APT package manager, a widely used utility that handles installation, update and removal of software on Debian, Ubuntu, and other Linux distributions.

According to a blog post published by Justicz, the vulnerable versions of APT doesn’t properly sanitize certain parameters during HTTP redirects, allowing a remote man-in-the-middle attacker to inject malicious content and trick the system into installing altered packages.

HTTP redirects while using apt-get command help Linux machines to automatically request packages from a suitable mirror server when others are unavailable. If the first server fails, it returns a response with the location of next server from where the client should request the package.

As shown by the researcher in a video demonstration, an attacker intercepting HTTP traffic between APT utility and a mirror server, or just a malicious mirror, eventually could execute arbitrary code on the targeted system with the highest level of privileges, i.e. root, Justicz told The Hacker News.

Though Justicz has not tested, he believes the vulnerability affects all package downloads, even if you are installing a package for the very first time or updating an old one.

No doubt, to protect the integrity of the software packages, it’s important to use signature-based verification, as software developers do not have control over mirror servers, but at the same time, implementing HTTPS could prevent active exploitation after the discovery of such vulnerabilities.

No software, platform or sever can be 100 percent secure, so having every possible layer of security is never a bad idea to consider.

The developers of APT have released version 1.4.9 that addresses the issue.

Since APT is being used by many major Linux distributions including Debian and Ubuntu, who have also acknowledged and released security patches for the vulnerability, it is highly recommended for Linux users to update their systems as soon as possible.

Information Security - InfoSec - Cyber Security - Firewall Support Providers Company in India

 

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India, Welcome to IT Monteur's Firewall Firm, India's No1 Managed Enterprise Network Security Firewall Support Provider Company in India, Firewall Firm Provider Complete range of Juniper Firewall Support , Cisco Firewall Support , Check Point Firewall Support , Palo Alto Firewall Support , FortiGate Firewall Support , Forcepoint Firewall Support , Sophos Firewall Support , WatchGuard Firewall Support , Baracuda Firewall Support , SonicWall Firewall Support , Gajshield Firewall Support , Seqrite Firewall Support , Firewall , Hardware Firewall , Software Firewall , Firewall India , Firewall , Network Firewall , Firewall Support , Firewall Monitoring , Firewall VPN , WAF Website Firewall , Firewall Security , Firewall India , Firewalls Support Provider in India , Firewall Support Services Provider Company in India

Sales Number : +91 95 8290 7788 | Support Number : +91 94 8585 7788
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket