Browsing articles tagged with "vulnerabilities - Admins Goodies"
May 25, 2012
tom

PHP eval(gzinflate(base64_decode(..))) hack – how to prevent it from occurring again?

We recently had a website hacked, where some PHP code was injected into the index.php file that looked something like: eval(gzinflate(base64_decode('s127ezsS/…bA236UA1'))); The code was causing another php file (cnfg.php) to be included, which was causing some pharmaceutical-related spam to be displayed (but only visible to googlebot et al). This looks like the pharma hack for wordpress, except we’re not running said software. The code has since been removed, but I’d like to prevent such […]

Jan 11, 2012
tom

Does being the target of a DoS attack imply a vulnerability of my operating system?

Does being the target of a denial of service (DoS) attack imply a vulnerability of my operating system? In a word, “No”. The aim of a denial of service attack is to slow down or block the attacked system. Think of it as someone calling your phone over and over and over again. Regardless of whether you answer/hang up or just let it ring… other (legitimate) people trying to reach you will get a “busy” […]

Nov 24, 2011
tom

How to check that a known Windows Vulnerability has been patched?

Is there a way in Windows to check that say Security Bulletin MS**-*** or CVE-****-***** has been patched? e.g. something akin to RedHat’s rpm -q --changelog service Windows 2008 R2 SP1 Running SystemInfo against your server (systeminfo /s $SERVER) should also list installed hotfixes. Hotfix(s): 333 Hotfix(s) Installed. [161]: IDNMitigationAPIs – Update [162]: NLSDownlevelMapping – Update [163]: KB929399 [164]: KB952069_WM9 [165]: KB968816_WM9 [166]: KB973540_WM9L [167]: KB936782_WMP11 […]

Oct 24, 2011
tom

Convenient source for information on known exploits (not theoretical)

Forgive me if this question has been asked before or is off-topic. The past couple of security patches I’ve installed have been discovered from reading news articles, which publicly discuss security vulnerabilities that apply to software on my servers. Here are two examples of such exploits that I have read from an article. Apache Fixes Range Header Flaw, Again New JBOSS Worm Infecting Unpatched Servers Needless to say I am not pleased that I had […]

Aug 23, 2011
tom

Web Application Vulnerability Scanner suggestions?

I’m looking for a new tool for the ol’ admin toolkit and would value some suggestions. I would like to do some “automated” testing of a handful of websites for XSS (cross site scripting) vulns, along with checking for SQL injection opportunities. I realize that an automated tool approach isn’t necessarily the only or best solution, but I’m hoping it would give me a nice start. The sites I need to scan cover the range in […]

Aug 23, 2011
tom

How did Matasano get hacked?

from: http://seclists.org/fulldisclosure/2009/Jul/0388.html If I understand it best from the posts from: http://news.ycombinator.com/item?id=723798 the Matasano guys left sshd internet accessible – any proposed solutions for this (from a programming point-of-view)? How did Matasano get hacked? That’s impossible to answer from the information in the post to Full Disclosure. However it’s always interesting to speculate, as they do give a little info away – # ./th3_f1n4l_s0lut10n www.matasano.com [-] Connecting to 69.61.87.163:22.. [/] Looking for valid non-root […]

Aug 22, 2011
tom

Operating System Vulnerability?

Does being the target of a DoS attack imply a vulnerability of my operating system? In a word, “No”. The aim of a denial of service attack is to slow down or block the attacked system. Think of it as someone calling your phone over and over and over again. Regardless of whether you answer/hang up or just let it ring… other (legitimate) people trying to reach you will get a “busy” signal. The person […]

Aug 21, 2011
tom

Postfix open relay

Greetings, Google says that I’m originating too many emails from my IP. Since I NEVER use this smtp to originate emails, I suspect my postfix is somewhat misconfigured, so that I have an open relay. Google LOG entry: Oct 8 06:29:29 domU-12-31-39-00-C1-66 postfix/smtp[15217]: 79B661A0CC: to=<hashimptil@gmail.com>, relay=alt1.gmail-smtp-in.l.google.com[209.85.219.30]:25, delay=423271, delays=423209/0.03/31/31, dsn=4.7.0, status=deferred (host alt1.gmail-smtp-in.l.google.com[209.85.219.30] said: 421-4.7.0 [174.129.96.42] Our system has detected an unusual amount of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 […]

Aug 19, 2011
tom

Preventing vulnerability scripts from scanning apache server

Quick question for you all – fairly frequently in my httpd logs I see things like this: 66.11.122.194 - - [29/Jan/2010:11:06:44 +0000] "GET HTTP/1.1 HTTP/1.1" 400 418 "-" "Toata dragostea mea pentru diavola" 66.11.122.194 - - [29/Jan/2010:11:06:44 +0000] "GET /roundcube//bin/msgimport HTTP/1.1" 404 417 "-" "Toata dragostea mea pentru diavola" 66.11.122.194 - - [29/Jan/2010:11:06:44 +0000] "GET /rc//bin/msgimport HTTP/1.1" 404 413 "-" "Toata dragostea mea pentru diavola" 66.11.122.194 - - [29/Jan/2010:11:06:44 +0000] "GET /mss2//bin/msgimport HTTP/1.1" 404 415 […]

Aug 19, 2011
tom

Can someone explain what this vulnerability means?

I’m having a bit of a problem getting my head round what this vulnerability means, can someone help me understand this? I’m particularly puzzled by the RESULTS section. Why would source port 25 be any different from a random source port, they’re both originating from the outside world? Vulnerability: TCP Source Port Pass Firewall THREAT: Your firewall policy seems to let TCP packets with a specific source port pass through. IMPACT: Some types of requests […]
