In late April, there were numerous facts of hacking servers in the data center. Attackers got root access to servers and used them for various purposes - miners, zombies for DDOS attacks, etc. Later it was figured the vulnerable is because of permanently available ip-kvm access. It was through vulnerabilities in ILO software that grants access to an operating systems at the end.

Red Hat has been made aware of a command injection flaw found in a script included in the DHCP client (dhclient) packages in Red Hat Enterprise Linux 6 and 7.

A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager which is configured to obtain network configuration using the DHCP protocol.

Background Information
The DHCP protocol is used to configure network related information in hosts from a central server. When a host is connected to a network, it can issue DHCP requests to fetch network configuration parameter such as IP address, default router IP, DNS servers, and more.

The DHCP client package dhclient provided by Red Hat has a script /etc/NetworkManager/dispatcher.d/11-dhclient (in Red Hat Enterprise Linux 7) or /etc/NetworkManager/dispatcher.d/10-dhclient (in Red Hat Enterprise Linux 6) for the NetworkManager component, which is executed each time NetworkManager receives a DHCP response from a DHCP server. A malicious DHCP response could cause the script to execute arbitrary shell commands with root privileges.

Acknowledgments
Red Hat would like to thank Felix Wilhelm from the Google Security Team for reporting this flaw. 

Presenting new service from Nsomnia Networks - VPNSHELL.CC

Client-server on OpenVPN technology is a popular technology with the support of the absolute majority of modern platforms. Forget about hacking and mumbo jumbo!

We offer you the opportunity to order a server in our rack.

Benefits:

• Port speed upgrade without changind server allocation and IPs
• Flexible traffic plans
• Possibility of multiple servers integration to a local network
• Possibility of ip-KVM (DRAC/iLO) activation.

You may also order an additional hardware:

• Manged switch Juniper EX2200 - $89/month;
• Managed switch Juniper EX3300 - $159/month;
• Firewall Cisco ASA 5505, ASA 5510, ASA 5520, ASA 5540, ASA 5550;
• Load balancers A10 AX series 1030, Kemp LM-2200.