Posts tagged Security

A privilege escalation vulnerability exists in Exim, the mail transfer agent used by cPanel & WHM. All MNX Solutions customers have been patched, and are no longer vulnerable to this privilege escalation vulnerability. If you are not an MNX Solutions customer, you should read the following page for details on how to correct the problem: From http://mail.cpanel.net/pipermail/news_cpanel.net/2010-December/000060.html: To resolve and work around the issue, for Linux-based systems cPanel has issued new Exim RPMs. The new version of Exim locks configuration file locations to the /etc/exim prefix as well as disabling use of the -D flag. Server Owners are strongly urged to upgrade to the …

What if you had to let someone go tomorrow for some unforeseen reason? Would you know all of the points that this person or company has access to? How can you be certain unless you keep track of these locations? Even if you know all the locations, do you understand the impact of modifying the user's access? Was this user's access tied to a critical cron job? Was this user account tied to MySQL access for performing monthly billing? What if this employee happened to own one of your domain names? Surprisingly, we see scenarios like this …

It has been mentioned in many places on the web that a vulnerability in the 32-bit compatibility mode of the current Linux kernel (and previous versions) for 64-bit systems can be exploited to escalate privileges. The folks over at Ksplice have put together a patch that fixes this vulnerability, and a tool to check if your system has been compromised. More detail is available on the Ksplice Blog.

Red Hat / CentOS

You can read the Red Hat Bugzilla info associated with CVE-2010-3081 here: https://bugzilla.redhat.com/show_bug.cgi?id=634457.

Details from the bug report

The Red Hat Enterprise Linux 4 kernel is not affected by the publicly circulated exploit, but …

The Center for Internet Security has a great list of security configuration and audit guidelines. A great resource comprised of 40+ consensus Security Configuration Benchmarks for Operating Systems, Middleware, Software Applications and Network Devices. The Benchmarks are: Recommended technical control rules/values for hardening operating systems, middleware and software applications, and network devices; Unique, because the recommendations are defined via consensus among hundreds of security professionals worldwide; Downloaded approximately 1 million times per year; Distributed freely by CIS in .PDF format (some are available to CIS Members only in XML format via the CIS Members web site); Used by thousands of enterprises as the basis for security configuration …

Many of you may have already read the news, but for those of you that have not, here is a recap. But first, let me state that we have tested all of our customers' servers, and none have been compromised. An email was sent to the fedora-announce mailing list; it started with, "Last week we discovered that some Fedora servers were illegally accessed. The intrusion into the servers was quickly discovered, and the servers were taken offline." It goes on to say, "One of the compromised Fedora servers was a system used for signing Fedora packages. However, based on …

We deal with security-related issues nearly every day. Many of these issues could be prevented with a few minor changes to php.ini along with the installation of mod_security. It is simply amazing how many machines are hacked and then used for the sole purpose of sending spam, launching denial of service (DoS) attacks, or running botnets. Security is a practice of managed risk. The strength of your system security is directly related to your commitment to managing your server. It is not realistic, or possible, to guarantee your system is completely secure. This will be an evolving document; please feel free …