Originally Posted by [s] During my regular job, I unravelled an interesting Unauthenticated File Upload 0-day vulnerability in Oracle E-Business Suite. This particular upload bug can easily be used to upload files to the web server, and an attacker can also flood the hard disk of the server, thus making it easier for an attacker to leverage the vulnerability remotely. Oracle released a Critical Patch Update containing security fixes for the Oracle E-Business Suite. This vulnerability is remotely ...
I started my day with my regular malware cleanup activity and came across an interesting backdoor web shell file on the server. The server is not specific to any particular environment; it was one of the regularly updated WordPress packages with the RevSlider plugin ver. 4.1.4. I initiated the process to detect the backdoors and web malware, and got a hit on a malicious .htaccess file which was redirecting to hxxp://m.mobi-avto.ru as shown below: ...
The CVE-2015-0235 Ghost (glibc gethostbyname buffer overflow) vulnerability is a serious concern for all Linux servers. This vulnerability can be leveraged to achieve remote code execution on the victim Linux server. The vulnerability was found by a Qualys researcher and patched in GNU. What is the cause? The bug is in the __nss_hostname_digits_dots() function of the GNU C Library (glibc), and the file for the non-reentrant version is nss/getXXbyYY.c, which ...
Updated 01-29-2015 at 10:16 AM by [s]
Originally Posted by [s] First, check the version of OpenSSL.
Code:
    openssl version -b
    openssl version -a
If it is already updated, then there is no need to worry about it. If your OpenSSL is not updated, then execute the following commands to update OpenSSL.
Code:
    sudo apt-get update
Once this finishes, upgrade openssl:
Code:
    sudo apt-get upgrade openssl
Regenerate your SSL certificate, follow the link to regenerating SSL Certificate ...