Solution to the UNSAFE Challenge is found here: https://github.com/twlinux/unsafe/blob/answer/SOLUTION.md.

The server has three critical vulnerabilities (that I can think of). Brainstorm specific ways to fix the server, and what other considerations you should make.

Answers

  • Outdated dependency. st@0.2.4 is vulnerable to directory traversal. Update the declaration in package.json and run npm update.
  • Unnecessary system services. Use systemctl to stop unnecessary daemons. Disable remote root login for all services.
  • Bad password. Just change it... passwd root
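A pre-deploy check for the first item above, added here as an example and not part of the challenge repository: it reads the version declared for a dependency in package.json and fails when that version is below a patched minimum. The minimum version 0.2.5 passed in the call and the sample package.json are assumptions for illustration; take the real fixed version from the npm advisory for the st directory traversal.

```shell
#!/bin/sh
# Added example: refuse to deploy when package.json pins a dependency below a
# known-fixed minimum. The st minimum used below is an ASSUMPTION.

# Print the version declared for dependency $2 in package.json $1, dropping a
# leading ^ or ~ so we check the lowest version the range still allows.
declared_version() {
    sed -n "s/.*\"$2\"[[:space:]]*:[[:space:]]*\"[\\^~]*\([0-9][0-9.]*\)\".*/\1/p" "$1" | head -n 1
}

# Return 0 when version $1 is strictly lower than version $2.
# Numeric major.minor.patch comparison; "1.2" is padded to "1.2.0".
version_lt() {
    a="$1.0.0"; b="$2.0.0"
    a1=${a%%.*}; a=${a#*.}; a2=${a%%.*}; a=${a#*.}; a3=${a%%.*}
    b1=${b%%.*}; b=${b#*.}; b2=${b%%.*}; b=${b#*.}; b3=${b%%.*}
    [ "$a1" -lt "$b1" ] && return 0
    [ "$a1" -gt "$b1" ] && return 1
    [ "$a2" -lt "$b2" ] && return 0
    [ "$a2" -gt "$b2" ] && return 1
    [ "$a3" -lt "$b3" ]
}

# check_dependency FILE NAME MINIMUM
# Returns 0 when the declared version meets MINIMUM, 1 when it is below it
# (vulnerable), and 2 when NAME is not declared in FILE at all.
check_dependency() {
    v=$(declared_version "$1" "$2")
    [ -n "$v" ] || return 2
    if version_lt "$v" "$3"; then
        echo "FAIL: $2@$v declared in $1 is below patched minimum $3" >&2
        return 1
    fi
    echo "OK: $2@$v meets minimum $3"
}

# Constructed sample mirroring the challenge's vulnerable pin.
tmp=$(mktemp)
printf '%s\n' '{ "name": "unsafe", "dependencies": { "st": "0.2.4" } }' > "$tmp"
if ! check_dependency "$tmp" st 0.2.5; then   # 0.2.5 is an assumed minimum
    echo "refusing to deploy until package.json is updated and npm update is run"
fi
rm -f "$tmp"
```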
Bad Squid