Cybersecurity is having a very dynamic year so far, even breaking records. Not only are tons of software vulnerabilities being exploited in 2021, but with the current turbulence between Washington and Beijing, it looks like the APT and ransomware monsters are coming back after a brief hibernation.
The software vulnerability clouds are now looming over a legendary operating system, and exploit precipitations may be on the horizon. Slackware Linux, one of the oldest Linux distributions, which represents the basis for many other Linux distributions, has released information about a security update. The update concerns several vulnerabilities. One of them is most notable in that it was classified as high-risk. Among a ton of remote code execution and some code injection flaws affecting well-known companies, now the industry is seeing ‘Server-Side Request Forgery (SSRF)’ vulnerabilities, which is the case with Slackware Linux.
SLS-based Slackware Linux is the oldest distribution of Linux that is still supported, created by Patrick Volkerding in 1993. Of all the Linux distributions, Slackware draws the most similarities with Unix and is the first one that offered more than just basic utilities and a kernel. Slackware is the basis for many Linux distributions, including the first versions of SUSE Linux, and to this day is one of the most powerful (although difficult to master) distributions available which offers great security, stability, and neutrality.
The Slackware Linux Vulnerability
In a software vulnerability report released on September 16th, 2021 via the Slackware Security web portal, public information was divulged concerning a high-risk software vulnerability in Slackware Linux.
The disclosed vulnerability (CVE ID code CVE-2021-40438) allows a remote attacker to perform SSRF attacks (Server-Side Request Forgery.) The vulnerability exists due to insufficient validation of user-supplied input within the mod_proxy module in the Apache HTTP Server. A remote attacker can send a specially crafted HTTP request with a chosen uri-path and trick the webserver to initiate requests to arbitrary systems. Successful exploitation of this vulnerability may allow a remote attacker to gain access to sensitive data, located in the local network or send malicious requests to other servers from the vulnerable system.
Vulnerable Software Versions
The vulnerable software versions of Slackware Linux are;
Slackware Linux: 14.0, 14.1, 14.2
Important User Information
It is important for users to know that a fix has been released that addresses the issues. According to the official security report, Slackware states that “New httpd packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.” Slackware Linux users should update their systems. The full details regarding fixes and updates can be found here.