Questions tagged [exploit]

A sequence of commands or configuration data which can predictably utilize a vulnerability of a system.

64 questions
69
votes
8 answers

A previous IT worker probably left some backdoors. How can I eliminate them?

I started working for a company that fired a previous IT worker for leaking data. I can only say the following things: We use a Firebird DB with an application written by another company, Proxmox, for virtualization of Windows Server 2008 R2, SQL…
user2265690
  • 729
  • 1
  • 5
  • 4
16
votes
4 answers

How do I patch RHEL 4 for the bash vulnerabilities in CVE-2014-6271 and CVE-2014-7169?

A mechanism for remote code execution through Bash has been widely reported yesterday and today (September 24, 2014.) http://seclists.org/oss-sec/2014/q3/650 Reported as CVE-2014-7169 or CVE-2014-6271 For reasons too stupid for me to explain in…
Bob Brown
  • 273
  • 1
  • 3
  • 11
14
votes
9 answers

SSH server zero-day exploit - Suggestions to protect ourselves

According to the Internet Storm Center, there seems to be a SSH zero-day exploit out there. There is some proof of concept code in here and some…
sucuri
  • 2,817
  • 1
  • 22
  • 22
10
votes
1 answer

How to check if my Supermicro IPMI is compromised with plaintext admin password over the web?

I've some Supermicro servers with IPMI running, and as described in this blog (http://blog.cari.net/carisirt-yet-another-bmc-vulnerability-and-some-added-extras) there's a critical vulnerability to get plaintext admin passwords from any remote…
Vinícius Ferrão
  • 5,400
  • 10
  • 52
  • 91
7
votes
1 answer

Safest ciphers to use with the BEAST? (TLS 1.0 exploit) I've read that RC4 is immune

Now that the BEAST is public knowledge, TLS 1.0 is NOT safe to use (nor is SSL 3.0). I have seen reports that the RC4 cipher is unaffected (and is widely supported). Is that true? I know that TLS 1.1 is immune. But out of the 1,000,000 most popular…
unixman83
  • 1,912
  • 8
  • 25
  • 33
7
votes
4 answers

Could/Should you be held liable for server vulnerabilities?

Is there precedent in North America or elsewhere where a server administrator was held accountable for leaving a server vulnerable? For example, if there is a known exploit in IIS - Microsoft issue a patch for it and for reason X you don't apply it…
jfrobishow
  • 71
  • 10
6
votes
8 answers

(200 ok) ACCEPTED - Is this a hacking attempt?

I assume this is some type of hacking attempt. I've try to Google it but all I get are sites that look like they have been exploited already. I'm seeing requests to one of my pages that looks like…
Byran Zaugg
  • 337
  • 1
  • 2
  • 10
5
votes
2 answers

Find out unfixed exploits count based on application version

In our enviroment we are often required to run old outdated versions of different applications, and im wondering about the security implications on that. So im hoping there is a site that basicly lists AppXX1 version V2 has X known exploits. Im off…
EKS
  • 535
  • 1
  • 5
  • 14
5
votes
8 answers

Identifying changed files on *nix webserver

Looking for some (*nix) software which will build an index of "interesting" files on a server and notify when certain of those files contents are modified, or new files appear. Similar to rkhunter et al, but less focussed on system binaries and more…
5
votes
3 answers

Weird set of shell commands in root's .bash_history

I have probably just detected that a user on a server of mine has rooted my server, but that's not what I'm asking. Has anyone ever seen command like these: echo _EoT_0.249348813417008_; id; echo _EoT_0.12781402577841_; echo $PATH && a=`env |grep…
mr.b
  • 583
  • 10
  • 25
4
votes
1 answer

Apache - disable range requests - disadvantages?

As there is a working exploit against Apache's byte range implementation (CVE-2011-3192, see here), I'd like to disable it until official patches are shipped with my distros (Debian, Ubuntu). The sites are all "normal" websites without big…
maff
  • 311
  • 1
  • 4
  • 14
4
votes
2 answers

Is my Exim vulnerable to the recent remote exploit (CVE-2011-1764)?

CentOS using yum to update Exim. Exim is configured to not allow remote connections using the local_interfaces config option. My old version was 4.63-5.el5_5.2 and after using: yum update exim it shows: 4.63-5.el5_6.2. I would like to know if this…
user69904
  • 231
  • 3
  • 11
4
votes
4 answers

my server was rooted via h00lyshit exploit, any good advice?

So yesterday I found out that my server was rooted via the h00lyshit exploit. So far I deleted all the files that might be asociated with the exploit. I also deleted all the ssh keys in ~/.ssh/authorized_keys. I changed the root password to 25…
Gabriel
  • 193
  • 1
  • 8
3
votes
1 answer

What is a reverse proxy exploit?

On this question I found this particular part of code in an Apache configuration file: # rewrite rule to prevent proxy exploit RewriteCond %{REQUEST_URI} !^$ RewriteCond %{REQUEST_URI} !^/ RewriteRule .* - [R=400,L] What is a…
adelriosantiago
  • 181
  • 2
  • 10
3
votes
2 answers

Yum reports updated bash but binary still reports old version

I'm trying to update a CentOS 5 system in order to patch the bash vulnerability described in CVE-2014-6271 / RHSA-2014:1293-1, but am running into an issue. After seemingly-successfully updating bash via yum update bash and restarting the server,…
Richard Szalay
  • 306
  • 3
  • 11
1
2 3 4 5