Questions tagged [vulnerability]

47 questions
56
votes
3 answers

How to fix 'logjam' vulnerability in Apache (httpd)

Recently, a new vulnerability in Diffie-Hellman, informally referred to as 'logjam' has been published, for which this page has been put together suggesting how to counter the vulnerability: We have three recommendations for correctly deploying…
11
votes
1 answer

Chown in sudoers file : Safe or not?

Is it safe to add this command in sudoers file? mike ALL= NOPASSWD:/bin/chown -R www-data\:www-data /var/www and this is the only command that I want to run $mike@ubuntu: sudo chown -R www-data:www-data /var/www Thank you.
Mike
  • 125
  • 1
  • 1
  • 6
8
votes
5 answers

How to patch CVE-2015-0235 (GHOST) on debian 7 (wheezy)?

This vulnerability was found in glibc, see this hacker news post for more info. As described in the debian bug tracker, the vulnerability was already patched in testing and unstable. I'd like to patch it as early as possible, so is it possible to…
twall
  • 183
  • 1
  • 5
8
votes
1 answer

How can I test for BadUSB vulnerability?

There are news that an unpatchable and unfixable USB firmware exploit is "out there". This could seem unrelated to servers but since the affected hardware from Phison is not disclosed there is a possibility of devices that are connected to an…
Eduard Florinescu
  • 831
  • 5
  • 24
  • 39
6
votes
2 answers

Finding Webserver Vulnerability

We operate a webserver farm hosting around 300 websites. Yesterday morning a script placed .htaccess files owned by www-data (the apache user) in every directory under the document_root of most (but not all) sites. The content of the .htaccess file…
Brent
  • 22,219
  • 19
  • 68
  • 102
4
votes
1 answer

CVE-2014-0196 Vulnerability for CentOS

Trying to patch CVE-2014-0196 Vulnerability but yum can't find packages updates CentOS 6.5 (Final) Panel version: 11.0.9 Update #61 # uname -r 2.6.32-358.11.1.el6.x86_64 # yum update kernel Loaded plugins: fastestmirror Determining fastest…
hsands
  • 43
  • 3
3
votes
2 answers

how to configure postfix behind haproxy?

During the last years I had an emailserver running for my small business without problems. Now that my company has grown, I wanted to add a bit of redundancy and added a failover emailserver with a loadbalancer in front (haproxy). All went fine…
Joe Silencio
  • 31
  • 1
  • 1
  • 6
3
votes
2 answers

Disabling weak protocols and ciphers in Centos with Apache

Can anyone help me determine hat could be the reason I am still getting VA gaps from scanner for the following? My server hosts multiple web app, but I am using the same settings for all virtual hosts. 20007 - SSL Version 2 and 3 Protocol…
Chyornaya Vdova
  • 94
  • 2
  • 2
  • 7
3
votes
1 answer

Tomcat Virtual Host to prevent Improper-Input-Handling attack

I'm currently on the process of trying fix a site vulnerability, basically it is one type of the "Improper Input Handling" attack. Let's say my website is www.mywebsite.com and there is hacker's website www.hacker.com whenever there is a request…
CharlesC
  • 151
  • 1
  • 6
3
votes
2 answers

IIS tilde vulnerability

I have the same problem as mentioned here Fixing the IIS tilde vulnerability and have applied all suggested fixes: 8dot3 naming disabled on all drives 8dot3 names stripped from c:\inetpub\wwwroot fsutil & dir /x scan completed and no 8dot3 names…
jshizzle
  • 341
  • 10
  • 25
3
votes
4 answers

Tomcat denial of service

The last two days our Tomcat 5.5 Linux-based webserver has been broken down within minutes by starting thousands of downloads and stopping them. Some request paths in the access log end with a "?jfkdsjkfsdk"-like part. Is there a known…
Mike L.
  • 131
  • 1
  • 4
2
votes
2 answers

How to protect my server from CVE-2019-10149 - Exim - patched or unpatched - How to reject mail to RCPT ${run

In reference to the recently publicized Exim vulnerability CVE-2019-10149, I am running supposedly patched Exim v. 4.90_1 (built June 4th, 2019) on Ubuntu 18.04.2 LTS. Although it is supposedly patched, according to Canonical, I'm getting a lot of…
jdmayfield
  • 271
  • 2
  • 11
2
votes
1 answer

DSquery on AD share leaking company infomation

Today i found DSquery on one of my smb shares at work. I ran it to query users and since my company uses IC numbers as the unique CN, i got to see all my colleagues ICs which is a breach of personal information already. Firstly, is this considered a…
2
votes
3 answers

How to stop NTLM v1 authentication from being accepted on a Windows VM environment?

My scenario is that I have a website set up via IIS in Windows Server 2012 R2 Standard using Windows Authentication which has been detected as vulnerable to an NTLMv1 attack and so I am looking to disable this and allow NTLMv2 only. From my research…
Calvin N
  • 21
  • 1
  • 1
  • 3
2
votes
2 answers

Upgrade SSL/TLS/Openssl?

I have a requirement to upgrade SSL/TLS/OpenSSL. The server is RHEL 6 Enterprise. In that server I am going to remove apache, which has not been not in use for a long time. After uninstalling apache , is it stil necessary to upgrade…
1
2 3 4