BitNinja overcomes CVE-2016-5696 vulnerability

CVE-2016-5696 Linux Kernel vulnerability has been recognized two weeks ago by some watchful researchers , who immediately informed the world of the Internet about the potential dangers waiting for them. This vulnerability can be exploited by an attack called with the umbrella term: “man in the middle attack” and is mainly conducted by off-path hackers. RedHat and many other companies informed their clients about the new foundings and described the issue the following way: ” Researchers have discovered a flaw in the Linux kernel’s TCP/IP networking subsystem implementation of the RFC 5961 challenge ACK rate limiting, that could allow an off-path attacker to inject payload into unsecured TCP connections.”

The Problem

TCP handles almost 90% of our data, so yes, we can feel ourselves increasingly in danger and exposed to the pernicious will of cybercriminals. If they take advantage from this, they can steal some serious details from our habitual data exchange.  We have found an excellent Patterns in the Void blog entry, where the first part explains the tiny little details of the possible exploit in such a way, it is understandable for the biggest laymen too. It is not only the high percentage of our data sent through TCP what makes the situation threatening, but the fact that 96,6% of Alexa top one million have Linux kernels. This number increases the significance of rapid decision-making  and shouts for instant solution.

The Solution

We have fascinating news for our past, present and future customers! BitNinja is able to overcome this vulnerability, as our developers made it able to catch and block the mischievous attackers who intend to harness this known weak point. Yesterday, (24 Aug) we released a new Bitninja version (1.11.29), which is officially and flawlessly tackling the issue. It is available for both, pro and free, versions.

Do you want to know more about the man-in-the-middle attack?

Watch this demo video, where they are displaying an off-path TCP attack through a side channel.
Read the original article written by the researchers who found  CVE-2016-5696, here.

If you have no more queries, 
take the next step and sign up!
Don’t worry, the installation process is quick and straightforward!
AICPA SOC BitNinja Server Security
Privacy Shield BitNinja Server Security
GDPR BitNinja Server Security
CCPA BitNinja Server Security
2024 BitNinja. All Rights reserved.
Hexa BitNinja Server SecurityHexa BitNinja Server Security