Questions tagged [vulnerabilities]

85 questions
0 votes, 1 answer

Http 1.1 protocol detected

I have a CentOS server and we had a Retina security scan. I have no idea how to fix this vulnerability. Can you point me in the right direction? We are running nginx.
user1130176
0 votes, 1 answer

Disinfecting a Supermicro IPMI Board

The IPMI board on one of our servers seems to have become infected - we were hit by the "password in the clear" vulnerability - and it seems to have allowed something to have infected by a bot that launched a DDoS attack. Right now, we've taken it…
0 votes, 1 answer

Client Side Negotiation

I have -MultiViews set and SSLInsecureNegotation off ( in ifmodule of mod_ssl.c) in Apache. But still vulnerability report says I am vulnerable to client side negotiation and "This server is vulnerable to MITM attacks because it supports insecure…
Novice User
0 votes, 2 answers

Security track record of unix programs

I'm looking for a database with all the noteworthy unix programs with a timeline of vulnerabilities found in that individual product in some categories (remote/local, DoS, privilege elevation, data execution), and on average, how often these things…
vbence
0 votes, 3 answers

tomcat problems in vulnerability scan

I was hoping someone could point me in the right direction. I have a server which is hosting a client's website and they run a Vulnerability scan every so often to see everything's in working order. Recently there's been a problem. 'Apache Tomcat…
williamsowen
0 votes, 2 answers

Hardening Apache server

Possible Duplicate: Tips for Securing a LAMP Server. I want to learn about hardening and securing an Apache server. Can anybody suggest a very detailed web resource? I also want to learn the history of different vulnerabilities that existed in Apache,…
user58859
0 votes, 2 answers

images security

How can I check that all the images on my server are not prepared with malicious code? I mean, for example, GIF PHP exploits and so on...
astropanic
0 votes, 2 answers

Post Vulnerability Actions

To protect the guilty I will avoid names... I know of a site that last night went down. Sort of. For about 5 hours all requests to this asp.net site were producing a YSOD. The details that were spit out included the impersonation tag showing that…
keithwarren7
0 votes, 1 answer

Advice on keeping cloud server secure? (linux)

I'm able to take a basic linux distro (stable Ubuntu Server) and install everything I need to get my web apps up and running. (Django, Rails, PHP etc...) But after all of that I would appreciate some advice on security. Here is my current…
Todd
0 votes, 2 answers

Prevent malicious vulnerability scan increasing load on a server

This week we have been suffering some malicious vulnerability scans to our servers, increasing the load on them, making them nearly unusable. The attack is easy to defend, just blocking the offending IP, but only after discovering it. Is there any…
Simon
0 votes, 1 answer

Looking for CIS Benchmark script for CentOS 7

I am not sure this is the right place to ask this. I apologize if it is not. I have a few CentOS machines that are running version 7.7. And I need to do a CIS benchmark for finding any vulnerabilities. I already have the PDF document for all the…
Jananath Banuka
0 votes, 0 answers

How to get the exact IP addresses of the hosts from Tenable.io

I am trying to figure out a way to get the exact IP addresses of the hosts from Tenable.io. Is there a way to do it?
truthtriumphs
0 votes, 2 answers

nmap vuln script detects vulnerability "Apache byterange filter DoS http-vuln-cve2011-3192" in Ubuntu Webserver, but apache2 not installed on server

I am running an Ubuntu 20.04 LEMP (Linux, Nginx, MariaDb, PHP) webserver. I am also doing some nmap vulnerability tests from my MacOS Client machine. On MacOS, I am using Oh My Zsh! with the nmap plugin enabled. To do some vulnerability tests on my…
DanRan
0 votes, 0 answers

Can I redirect one specific url in Nginx for WordPress?

I want to redirect one specific url in Nginx to 'not found' or 'hidden' url: /wp-admin/load-scripts.php?c=1&load[]=jquery-effects-blind reason: https://hackerone.com/reports/925425 my codes in nginx.conf are, it's not working :( server { listen…
Ricky
0 votes, 0 answers

What is best practice for reporting vulnerability scans?

While reading our logs I came across several requests that seem to be scanning for vulnerabilities on our web app. 2021-09-25T17:32:44.164858+00:00 app[web.1]: 54.39.216.121 - - [25/Sep/2021:17:32:44 +0000] "GET…
dotnetCarpenter