Skip to main content
Version: 8.5.X

Vulnerability Solutions

A VAPT solution document outlines the process of identifying and addressing security vulnerabilities in an organization's IT infrastructure. It covers both vulnerability assessments, which detect weaknesses, and penetration testing, which simulates cyberattacks to exploit them. This document helps organizations improve security by proactively identifying risks and ensuring compliance with security standards. Read on to learn how the various vulnerabilities are resolved.

note
  • The VAPT solution document applies to the Ubuntu OS v22.04.
  • Please use ROOT user to execute the commands.

VAPT List

Lib Curl

To resolve the vulnerability, upgrade lib curl to version 8.4 or later. To upgrade, follow the below steps:

  1. Download and extract the "curl_VAPT" zip file.

  2. Login to the terminal server.

  3. Navigate to the extracted folder and install the deb packages using the below command:

    dpkg -i *.deb

  1. Once the dependency packages are installed, update the curl package.
  2. Install the curl setup by extracting the tar file.

  1. Navigate to the curl folder as shown below:

  1. Run the below commands:

    ./configure --without-ssl 
    make
    make install
    ldconfig

  1. Once done, check the curl version using the below command:

    curl --version

SSH Terrapin Prefix Truncation Weakness Vulnerability

To resolve the vulnerability, follow the below steps:

  1. Add the below line to the /etc/ssh/sshd_config file.

    Ciphers -chacha20-poly1305@openssh.com

  2. Save the file by pressing the Esc key, typing ":wq!", and pressing Enter.

  3. Check the status of sshd using the command:

    systemctl status sshd

  4. Restart sshd using the command:

    systemctl restart sshd

  5. Check the status of sshd using the command:

    systemctl status sshd

OpenSSL 1.0.1 < 1.0.1u Multiple Vulnerabilities (Ubuntu 22.04)

To resolve the vulnerability, follow the below steps:

  1. Download the openssl zip file.

  2. Execute and install the dpkg packages using the below commands:

    cd openssl/ 
    dpkg -i openssl_3.0.2-0ubuntu1.18_amd64.deb

APACHE Log4j, Upgrade Apache Log4j version 2.17.1, 2.12.4, or 2.3.2 or later, or apply the vendor mitigation (Elasticsearch) / Apache Log4j 2.0 < 2.3.2 / 2.4 < 2.12.4 / 2.13 < 2.17.1 RCE

To resolve the vulnerability, follow the below steps:

note

Before performing the steps below, ensure the file path is from the VAPT sheet or docs.

  1. Download the ElasticSearchlog4jVAPT zip file.

  2. Replace the two files and assign ownership to them.

  3. Check the elastic search service status and stop it using the below commands:

    systemctl status elasticsearch 
    systemctl stop elasticsearch
    cd /usr/share/elasticsearch-7.3.2/lib
  4. Remove the older log4j library files using the below commands:

    rm log4j-core-2.11.1.jar 
    rm log4j-api-2.11.1.jar
  5. Replace the new updated log4j library file to /usr/share/elasticsearch-7.3.2/lib/ using the below commands:

    cp log4j-core-2.17.2.jar /usr/share/elasticsearch-7.3.2/lib/ 
    cp log4j-api-2.17.2.jar /usr/share/elasticsearch-7.3.2/lib/
  6. Assign fmtuser and fmtusergroup permission using the below commands:

    cd /usr/share/ 
    chown -R fmtuser:fmtusergroup elasticsearch-7.3.2/
  7. Check the elastic search service status and start it using the below commands:

    systemctl status elasticsearch 
    systemctl start elasticsearch
    systemctl status elasticsearch

OpenSSH Upgrade v8.9 to 9.6

To resolve the vulnerability, follow the below steps:

note
  • Take the VM snapshot before you implement the below VAPT solution.
  • Please copy the database and fileDB backup to another location.
  • The attached ZIP file includes two fully functional methods for the OpenSSH solution.
  1. Download and extract the OpenSSH_VAPT zip file.

  2. Execute the file using the below command:

    cd OpenSSH_VAPT/OpensshPack/DepPack 
    dpkg -i *.deb
  3. Once the above packages are installed, begin the OpenSSH upgrade process.

  4. Extract the tar file using the below command:

    tar -xzvf openssh-9.6p1.tar.gz

  5. Navigate to the extracted folder using the below command:

    cd openssh-9.6p1

  6. Verify the SSH version using the below command:

    ssh –V

  7. Install using the below command.

    ./configure 
    make
    sudo make install
    source /etc/environment
  8. Verify the SSH version using the below command:

    ssh -V

info
  • This document can be updated for future improvements or to add new VAPT point solutions.
  • The download links can be updated if needed in the future or if another method becomes available.