Thousands of Applications Vulnerable to RCE via jQuery File Upload
The flaw has existed for eight years thanks to a security change in Apache. Continue reading Thousands of Applications Vulnerable to RCE via jQuery File Upload
How to use the Shodan search engine to secure an enterprise’s internet presence, Apache access vulnerability could affect thousands of applications, vulnerable controllers could allow attackers to manipulate marine diesel engines, & ICS Secur… Continue reading Shodan, Apache, ICS, and Controllers – Paul’s Security Weekly #579
The flaw in the popular file uploader allows an attacker to upload files and run their own command line shell on any affected server. Continue reading Popular website plugin harboured a serious 0-day for years
I have Ubuntu 16.04 LTS and I am running my PHP web application through Apache (php-fpm). I am a little concerned about file and directory permissions. Many links are suggesting that I should keep owner www-data or apache (Dep… Continue reading In apache, why www-data owner of a web application directory is safer than recursive 777?
I’m trying to put together a new PKI program for my company, and I’m a little turned around on the concept of Private Keys and passphrases.
We’d like to implement Microsoft Active Directory Certificate Services (AD CS) to i… Continue reading SSL Certificates and Private Key passphrases
Pretext
I’m in the middle of deploying Apache Solr as a search backend. Solr uses its own query language, for example:
search(s2, q=author:"user_str", fl="id,title,authors", sort="id asc", qt=/export)
There, user_s… Continue reading Input sanitization: Pitfalls in rolling your own – securing DSLs
Let’s say that we have an arbitrary Apache log, something like:
157.55.39.243 – [13/Sep/2018:06:29:29 -0300] “GET /pbh/ecp/comunidade.do?app=financas&pg=5565&tax=37049 HTTP/1.1” 302 275 “-” “Mozilla/5.0 (compatible; bin… Continue reading Is there a way to scan apache log for malicious traffic? [closed]
I’m using Apache’s mod_security module with OWASP rules to protect my website, but it detects some CSS code as Unix commands and returns a 403 Forbidden error.
Example code:
#top-categories a .circle {
top: 50%;
}
It … Continue reading Apache Modsec Detects CSS code as unix command
I’ve been doing some research into SSL for a paper for school, so please forgive my ignorance and lack of experience in this subject. While doing my research I have noticed that some websites when you do a nslookup on them an… Continue reading Is it okay to have your SSL cert showing when server is reached by IP?
By Waqas
Security researchers at Palo Alto Networks’ Unit 42 have discovered modified versions of the notorious Mirai and Gafgyt Internet of Things (IoT) malware. The malware have the capability of targeting flaws that affect Apache Struts and SonicWal… Continue reading Apache Struts & SonicWall’s GMS exploits key targets of Mirai & Gafgyt IoT malware