≡ Menu

vulnerability

How to fix Httpoxy a CGI PHP/Nginx/Apache/Go application vulnerability on Linux or Unix

A serious vulnerability was discovered in how CGI scripts are used by Linux or Unix that use PHP, Go, Python, and other scripting languages. How do I fix Httpoxy a CGI application vulnerability on Linux or Unix for HAProxy, Varnish, Nginx, PHP, Go, Python, Tomcat and others?
[click to continue…]

Sysadmin because even developers need heroes!!!

How To Patch and Protect Linux Server Against the Glibc GHOST Vulnerability # CVE-2015-0235

A very serious security problem has been found in the GNU C Library (Glibc) called GHOST. How can I fix GHOST vulnerability and protect my Linux server against the attack? How do I verify that my server has been fixed against the Glibc GHOST vulnerability?
[click to continue…]

Q. When I run make install clean for php5-extensions port, I’m dumped with the following error:

/usr/ports/sysutils/php5-posix
===> php5-posix-5.2.6 has known vulnerabilities:
=> php — input validation error in posix_access function.
Reference: < http://www.FreeBSD.org/ports/portaudit/ee6fa2bd-406a-11dd-936a-0015af872849.html >
=> Please update your ports tree and try again.
*** Error code 1

Stop in /usr/ports/sysutils/php5-posix.
*** Error code 1

Stop in /usr/ports/lang/php5-extensions.
*** Error code 1

Stop in /usr/ports/lang/php5-extensions.

How do I fix this error?
[click to continue…]

Debian / Ubuntu Linux Public key Blacklisted (see ssh-vulnkey(1)) Error and Solution

Q. When ever I try to login to my remote Debian Linux server called in013.example.com, I get the following error message in /var/log/auth.log file:

Jul 1 17:04:36 in013 sshd[14447]: Public key 48:de:55:22:xx:yy:zz:yy:xx:yy:zz:yy::88:e8:87:47 blacklisted (see ssh-vulnkey(1))
Jul 1 17:04:36 in013 sshd[14447]: Public key 48:de:55:22:xx:yy:zz:yy:xx:yy:zz:yy::88:e8:87:47 blacklisted (see ssh-vulnkey(1))

I’m using Ubuntu Linux as desktop operating system. How do I fix this error?
[click to continue…]