Category: Security

  • Jboss Exploits

    There is a JBoss exploit out in the wild.  See http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0738 and https://access.redhat.com/kb/docs/DOC-30741 for details.

  • WordPress mass update script 3.1

    This script will search /var/www (changeable in a variable) for any wordpress installs and make sure its upgraded to the latest version. It will run a backup to /root/wp_upgrade/ of all files and database before doing anything with the site in case of major catastrophe (make sure you have spare disk space if your sites…

  • WordPress mass update script 3.05

    From the guys at wordpress We’ve fixed a pretty critical vulnerability in WordPress’ core HTML sanitation library, and because this library is used lots of places it’s important that everyone update as soon as possible. I realize an update during the holidays is no fun, but this one is worth putting down the eggnog for.…

  • WordPress mass update script 3.04 – Urgent

    From the guys at wordpress We’ve fixed a pretty critical vulnerability in WordPress’ core HTML sanitation library, and because this library is used lots of places it’s important that everyone update as soon as possible. I realize an update during the holidays is no fun, but this one is worth putting down the eggnog for.…

  • WORDPRESS MASS UPGRADE SCRIPT 3.0.2

    Its that time again, yet another release of wordpress is out, and this one seems important due to a few exploits. Read up here more about it http://wordpress.org/news/2010/11/wordpress-3-0-2

  • Disabling exploitable proftpds

    A stack overflow bug has been identified in ProFTPd.  This bug allows users to gain remote access (usually root) to an attacker.  This bug requires immediate attention and potentially a restore to the last backup image of your server. Information on the bug can be found here: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4221 We have been handling the issue per…

  • Security at home – encrypted home directories

    This isn’t directly server related at all, more for the home or office user who wants to make sure things are nice and secure. At the office we like to also make sure our desktops are fairly safe to connect from as well, mostly  in case the machines ever get stolen, we know our data…

  • Exploited VPS? phpmyadmin?

    Currently we are being inundated with scans and exploits looking for new machines to take over, most of these are using insecure phpmyadmin installs. If you are unsure if your box has been hacked then the things to look for are similar to this…

  • Old versions of PHPMyAdmin and Automated Scanning

    It has come to our attention that we have had a decent number of  alerts about machines scanning on our networks in the last day. All of them have been running hacks from /tmp named things like /tmp/dd_ssh etc. These files are owned and run by the apache user, and on further investigation all put…

  • WordPress Mass Upgrade Script 3.0.1

    This script will search /var/www (changeable in a variable) for any wordpress installs and make sure its upgraded to the latest version. It will run a backup to /root/wp_upgrade/ of all files and database before doing anything with the site in case of major catastrophe. It pays to check each site after the upgrade to…