In this week’s Linode Security Digest, we go over some recent vulnerabilities and security news. Happy Cybersecurity Awareness Month to all our customers! #BeCyberSmart
Apache Warns of Zero-Days
Apache recently issued patches to fix two vulnerabilities in its open source web server software. One vulnerability (CVE-2021-41524) allows an attacker to cause denial of service with a specially crafted request. The other vulnerability (CVE-2021-41773) allows a malicious actor to use a path traversal attack to read files outside the expected document root. An attacker can get read access to system files by exploiting this vulnerability.
While both of these vulnerabilities exist only in version 2.4.49, researchers are seeing them exploited in the wild. We urge all of our customers to update their Apache servers at their earliest convenience.
NSA and CISA’s Guide To Hardening Your VPN
Since the start of the pandemic, many companies have embraced remote work as a way to continue their operations. The use of VPN solutions to provide remote access can be both a good security measure and a security risk. This information sheet written by NSA and CISA can help you harden your VPN solutions to protect yourself from emerging threats. Did you know that VPN solutions like OpenVPN can be deployed automatically in just a few minutes using our One-Click Marketplace apps?
Fail2Ban Remote Code Execution Vulnerability (CVE-2021-32749)
Fail2Ban is a package available in many Linux distributions’ default repositories. It is a simple but powerful tool that temporarily bans IP addresses based on failed authentication attempts. Fail2Ban works by analyzing the logs on a system and adding temporary firewall rules. Your Linux server then drops packets from the banned sources, protecting itself from their repeated requests.
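A simplified model of the log-analysis loop described above, as an added example (not Fail2Ban's own code and not part of the original digest). The parameter names maxretry, findtime and bantime follow Fail2Ban's configuration options; the log lines are constructed, and the function only reports which sources would be banned instead of adding firewall rules.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample sshd log lines (documentation-range IPs), not real data.
SAMPLE_LOG = """\
Oct  8 10:00:01 host sshd[101]: Failed password for root from 203.0.113.7 port 40000 ssh2
Oct  8 10:00:05 host sshd[102]: Failed password for invalid user admin from 203.0.113.7 port 40001 ssh2
Oct  8 10:00:09 host sshd[103]: Failed password for root from 198.51.100.4 port 50000 ssh2
Oct  8 10:00:12 host sshd[104]: Failed password for root from 203.0.113.7 port 40002 ssh2
Oct  8 10:30:00 host sshd[105]: Failed password for root from 198.51.100.4 port 50001 ssh2
Oct  8 10:30:20 host sshd[106]: Accepted password for alice from 192.0.2.10 port 60000 ssh2
"""

# Anchored at both ends: the user name is chosen by the client, so the address
# is taken only from the trailing "from <ip> port <n> ssh2" that sshd appends.
FAIL_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: Failed password for "
    r"(?:invalid user )?.+ from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+ ssh2$"
)

def find_bans(log_text, maxretry=3, findtime=600, bantime=3600, year=2021):
    """Return [(ip, ban_start, ban_end)] for sources with maxretry failures inside findtime seconds."""
    recent = defaultdict(deque)   # ip -> failure timestamps still inside the window
    banned_until = {}             # ip -> time at which the temporary ban expires
    bans = []
    for line in log_text.splitlines():
        m = FAIL_RE.match(line)
        if not m:
            continue              # successful logins and unrelated lines are ignored
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")  # syslog omits the year
        ip = m["ip"]
        if ip in banned_until and ts < banned_until[ip]:
            continue              # source is already banned at this time
        window = recent[ip]
        window.append(ts)
        while window and (ts - window[0]).total_seconds() > findtime:
            window.popleft()      # forget failures older than findtime
        if len(window) >= maxretry:
            end = ts + timedelta(seconds=bantime)
            banned_until[ip] = end
            bans.append((ip, ts, end))
            window.clear()
    return bans

if __name__ == "__main__":
    for ip, start, end in find_bans(SAMPLE_LOG):
        print(f"ban {ip} from {start} until {end}")
```

In the sample, 203.0.113.7 is banned for one hour after its third failure, while 198.51.100.4 is not, because its two failures are more than findtime apart.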
Back in July, a security researcher discovered a serious vulnerability in Fail2Ban that could allow an attacker to execute commands with root privileges. You could still be affected by this vulnerability if you’re using an older version of Fail2Ban and using mailutils to generate alerts. While it is difficult for an attacker to leverage this type of vulnerability successfully, it’s always better to be safe than sorry.
We continue to stay methodically paranoid about protecting our assets and keeping our customers’ speedy servers always available. Feel free to leave a comment down below about our security digests! We’d love to hear your feedback.