Linux Shtuff

From nginx.org Hello! Greg MacManus, of iSIGHT Partners Labs, found a security problem in several recent versions of nginx. A stack-based buffer overflow might occur in a worker process while handling a specially crafted request, potentially resulting in arbitrary code execution (CVE-2013-2028). The problem affects nginx 1.3.9 – 1.4.0. The problem is fixed in nginx…

From blog.sucuri.net As if on queue, almost 7 days since we released the post about the latest W3TC and WP Super Cache remote command execution vulnerability, we have started to see attacks spring up across our network. In our post you might remember this: < !–mfunc echo PHP_VERSION; –>< !–/mfunc–> In this example we explained…

There is a known issue with Googlebot right now in which Googlebots are resetting TCP connections before the handshake completes. This causes the bot to not connect and will leave an error message in some customer’s Web Master Tools interface that look like this: /*Fetch Failure: The resource was unable to be fetched for some…

Remote Code Execution Vulnerability Disclosed From http://blog.sucuri.net Shame on us for not catching this a month ago when it was first reported, but it seems that two of the biggest caching plugins in WordPress have what we would classify a very serious vulnerability – remote code execution (RCE), a.k.a., arbitrary code execution:…

From http://blog.sucuri.net For the last few months we have been tracking server level compromises that have been utilizing malicious Apache modules (Darkleech) to inject malware into websites. Some of our previous coverage is available here and here. However, during the last few months we started to see a change on how the injections were being…

From http://linuxapachemysqlphp5.blogspot.com Restart Apache Ubuntu service apache2 restart /etc/init.d/apache2 restart apache2ctl restart CentOS /etc/init.d/httpd restart service httpd restart /sbin/service httpd restart Debian service apache2 restart /etc/init.d/apache2 restart apache2ctl restart Suse /usr/sbin/rcapache2 restart apache2ctl restart Fedora apachectl restart /sbin/service httpd restart RedHat /etc/init.d/httpd status service httpd restart /usr/local/apache2/bin/apachectl restart Quick little ref guide there… good to…

From hostgator.com There is a worldwide, highly-distributed WordPress attack that is ongoing. This attack is known to be using forged or spoofed IP addresses. We are actively blocking the most common attacking IP addresses across our server farm. The following steps can be used to secure (by password protection) wp-login.php for all WordPress sites in…

Howdy, Apparently some recent cPanel shenanigans have caused problems on some systems with the Perl Module Scalar::Utils. It appears that it may have been modified, removed or something similar. If this is the case, you may see cpan installs failing, EasyApache installs failing, /scripts/perlinstaller installs failing, and more. The errors will look something like: Undefined…

From code.google.com – ioping This tool lets you monitor I/O latency in real time. It shows disk latency in the same way as ping shows network latency. Install just download the sourcefile from ioping.googlecode.com wget https://ioping.googlecode.com/files/ioping-0.6.tar.gz tar -xzvf ioping-0.6.tar.gz cd ioping-0.6/ make ioping ./ioping Usage: ioping [-LCDRq] [-c count] [-w deadline] [-p period] [-i interval]…

From WHT The Epic Saga of the Lost Server “Lo, and in those days businesses relied on their hosting companies to provide them with excellent customer service, persistent uptimes, and rapid response during downtime events. But in that day, the god of lightning (for he is a fickle and capricious god) saw to it to…