CYB 240 Vulnerability Summary Report Michael Lara

School: Southern New Hampshire University
Course: 240
Subject: Information Systems
Date: Feb 20, 2024
Type: docx
Pages: 5
Uploaded by JudgeMoonKingfisher28

Michael Lara SNHU CYB 240 2/18/2024
Server vulnerabilities

A. The initial security concern identified involves the Apache Web Server reaching its End of Life, making the server susceptible to various exploits, including remote code execution (RCE) vulnerabilities. Upgrading the server is advised to mitigate these risks. Successful exploitation of these vulnerabilities can lead to severe consequences such as website takeover, downtime, or redirection to malicious sites. Such incidents can damage a business's reputation, affect profits, and require considerable time and resources to resolve. Proactively applying patches is a more straightforward and efficient solution than addressing the aftermath of an attack.

B. An incident example involves a vulnerability in Apache HTTPD, disclosed by F5 Networks, affecting versions prior to 2.2.33. The issue, identified as CVE-2017-7679, arises in mod_mime, which can read beyond the buffer by one byte when processing a malicious Content-Type response header (CVE, 2017; Apache Software Foundation, 2019).

C. I intended to download and extract the latest Apache version to perform an update. To address the vulnerability, it is necessary to update Apache to the latest version, 2.4.55, and apply all relevant security patches. Additionally, access to the configuration utility should be restricted to secure networks only.

Non-server related vulnerabilities

A. Apache Web Server Version 2.2.14 is End of Life. Regarding the vulnerability associated with non-server components, addressing the versions of SSL/TLS presents a viable strategy. SSL and TLS protocols facilitate secure communication between clients and servers by authenticating and encrypting data. However, older versions of these protocols employ weaker ciphers, rendering them susceptible to SSL/TLS stripping and man-in-the-middle attacks.

B. In the case of older SSL/TLS protocol versions, reliance on compromised hash functions such as SHA-1 and MD5 facilitated attackers' ability to conduct impersonation and downgrade attacks. Additionally, TLS 1.2 is susceptible to a specific vulnerability that enables attackers to execute man-in-the-middle attacks, known as Raccoon attacks. These attacks allow malicious actors to acquire session keys and intercept encrypted data.

C. What you could do for the Windows server would be the following:

1. Log in to Windows server
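
An added example, not part of the original report: a Python audit that checks constructed scan records for the issues the report names (End of Life Apache branch, the 2.2.33 boundary given for CVE-2017-7679, legacy SSL/TLS versions, and MD5 or SHA-1 MACs in cipher suites). The record layout, the function names and the choice of TLS 1.2 as the cutoff for "legacy" are assumptions.

```python
import re

# Boundaries as stated in the report: the 2.2 branch is End of Life and
# CVE-2017-7679 affects versions prior to 2.2.33 (only that boundary is checked).
EOL_BRANCHES = {(2, 2)}
CVE_2017_7679_FIXED = (2, 2, 33)
# Assumption: anything older than TLS 1.2 counts as a legacy protocol.
LEGACY_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}
# MAC hash named by the suffix of an IANA suite name; bare _SHA is HMAC-SHA-1.
WEAK_MAC_SUFFIX = {"_MD5": "MD5", "_SHA": "SHA-1"}

def parse_apache_version(banner):
    """Return (major, minor, patch) from a Server header, or None if hidden."""
    m = re.search(r"Apache/(\d+)\.(\d+)\.(\d+)", banner)
    return tuple(int(p) for p in m.groups()) if m else None

def audit(host):
    """Return the list of findings for one scan record (a dict)."""
    findings = []
    version = parse_apache_version(host.get("banner", ""))
    if version is None:
        findings.append("version hidden: confirm patch level on the host")
    else:
        if version[:2] in EOL_BRANCHES:
            findings.append("Apache %d.%d branch is End of Life" % version[:2])
        if version < CVE_2017_7679_FIXED:
            findings.append("CVE-2017-7679 applies (before 2.2.33)")
    for proto in sorted(LEGACY_PROTOCOLS & set(host.get("protocols", []))):
        findings.append("legacy protocol enabled: " + proto)
    for suite in host.get("ciphers", []):
        for suffix, name in WEAK_MAC_SUFFIX.items():
            if suite.endswith(suffix):
                findings.append("%s MAC in %s" % (name, suite))
    return findings

# Constructed scan records, not real hosts.
SAMPLE = [
    {"banner": "Apache/2.2.14 (Win32)", "protocols": ["SSLv3", "TLSv1", "TLSv1.2"],
     "ciphers": ["TLS_RSA_WITH_RC4_128_MD5", "TLS_RSA_WITH_AES_128_CBC_SHA"]},
    {"banner": "Apache/2.4.55 (Unix)", "protocols": ["TLSv1.2", "TLSv1.3"],
     "ciphers": ["TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"]},
    {"banner": "Apache", "protocols": ["TLSv1.2"], "ciphers": []},
]

if __name__ == "__main__":
    for record in SAMPLE:
        print(record["banner"], "->", audit(record) or "no findings")
```

A banner with the version suppressed yields a "version hidden" finding instead of a clean result, so a missing version string is never read as a patched server.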