Questions tagged [vulnerabilities]
85 questions
2 votes, 3 answers
nmap vulnerability scan reports " smtps on port 465 ssl-dh-params" vulnerability, on Ubuntu 20.04 webserver. How to close the vulnerability?
I am running an Ubuntu 20.04 LEMP (Linux, Nginx, MariaDb, PHP) email/web server. I am also doing some nmap vulnerability tests from my MacOS Client machine. On MacOS, I am using Oh My Zsh! with the nmap plugin enabled. To do some vulnerability tests…

DanRan
2 votes, 2 answers
Can someone explain what this vulnerability means?
I'm having a bit of a problem getting my head round what this vulnerability means, can someone help me understand this?
I'm particularly puzzled by the RESULTS section. Why would source port 25 be any different from a random source port, they're…

Kev
1 vote, 1 answer
Server infected by recent cryptojacking malware but different (?) entry point
One of my servers has been infected by this cryptojacking malware (reporting to the very same IP as in the article).
It seems known for this malware to propagate through some Confluence vulnerabilities, however my server doesn't run Confluence,…

Skippy le Grand Gourou
1 vote, 0 answers
microcode_ctl vs kernel-firmware
I have read that CPU microcode updates are delivered by the kernel-firmware package and microcode_ctl is obsolete: Source #1 Source #2
But I believe this is not true because at the Red Hat Security Advisory they write, that an updated microcode_ctl…

user2933212
1 vote, 1 answer
Freebsd: pkg audit spread out in time over different servers
We have several Freebsd servers, where we check daily for vulnerabilities with pkg audit.
Question: Very often, the same vulnerability is reported in some servers only, and then in some others the next day. The question is: why is that?
More…

simlev
1 vote, 2 answers
Is omitting a PC password within my Win 8.1 LAN constituting a security risk from the outside world?
In my Windows 8.1 LAN consisting of 14 computers, there are several servers which are dedicated to very specific tasks. (For example, the "Save Server" is responsible for running a daily batch script, which connects to various clients and robocopies…

Herb
1 vote, 1 answer
CONNECT Method Allowed in HTTP Server Or HTTP Proxy Server Vulnerability
My setup details:
OS : RHEL7
Webserver : Apache http server(SSL enabled)
AppContainer : NodeJS
Webserver connects to NodeJS via mod_proxy.
I blocked the connect method in apache http server using below config. But still the…

Fred
1 vote, 1 answer
Ways to follow newly discovered vulnerabilities?
I happened to be in a situation where I am in charge of 100+ systems on top of my job as a programmer. Everything we run is Linux (Debian, Ubuntu, Centos) and gladly our sysadmin set everything with chef, so security patches can be applied…

dimus
1 vote, 0 answers
Understanding & Resolving Web Server Exploits
We recently had someone contact our company pointing out that we had numerous security threats that could be used to exploit our systems. They were nice enough to provide a list of these to which we are looking into now, however as we do not have…

Aidan Knight
1 vote, 1 answer
Remotely Detect Windows Server Service Pack Level
One of our web servers just failed PCI-DSS compliance because the vulnerability scan detected the OS was Windows Server 2003 Service Pack 1 (obviously very outdated!).
My question is how did the vuln scan detect this as I can't seem to find a way…

SnakeDoc
1 vote, 1 answer
Check that NLM is patched in Netware 6.5
We need to solve vulnerability CVE-2011-4191
"Stack-based buffer overflow in the xdrDecodeString function in XNFS.NLM in Novell NetWare 6.5 SP8 allows remote attackers to execute arbitrary code or cause a denial of service (abend or NFS outage) via…

ptt35t
1 vote, 4 answers
Convenient source for information on known exploits (not theoretical)
Forgive me if this question has been asked before or is off-topic.
The past couple of security patches I've installed have been discovered from reading news articles, which publicly discuss security vulnerabilities that apply to software on my…

maple_shaft
1 vote, 1 answer
Log all outgoing mail created by php
I have Debian Linux server which serves several PHP sites. Today I received mail from Datacenter where they say my server is sending spam and attached spam message. This was really message from my server and I managed to find it in exim4…

Dmytro Leonenko
1 vote, 3 answers
Does removing admin rights really mitigate 90% of Critical Windows 7 vulnerabilities found to date? as reported by beyondtrust.com
Beyondtrust.com published a report, somewhat recently, claiming among other quite compelling things, "90% of Critical Microsoft Windows 7 Vulnerabilities are Mitigated by Eliminating Admin Rights"
Other interesting 'facts' they provide say that…

Jordan W.
1 vote, 0 answers
How do I secure my PHP forms that communicate with my MySQL Server?
They are just the basic forms, they take in $input from the form and then store that directly into the database, there is another form where it takes $input and searches for a hashed match for it.
How can I secure this?
$sql = "INSERT IGNORE INTO…

cwstack