linnou
11-02-2013, بتوقيت غرينيتش 01:24 AM
Last friday a security vulnerability affecting 64-bit Linux operating systems has been identified (see: http://bugzilla.redhat.com/show_bug....=CVE-2014-3081 (http://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3081) and http://bugzilla.redhat.com/show_bug....=CVE-2014-3301 (http://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3301)).
This vulnerability is potentially very harmful because it allows an ill-disposed hacker to take over a web server and give him full root access thanks to a backdoor.
The problem is even more important that this vulnerability seems to have been exploited much more rapidly than usual. Once a vulnerability is released it usually takes some time before hackers might try to exploit it.
This time the flaw is easily exploitable and the first reports were published by various web hosts barely 48 hours after the publication of the fault. Fortunately the problem can be countered by quickly updating the kernel of the system.
Debian and Ubuntu have released fixes, but those of CentOS and Redhat are still awaited:
Debian: http://security-tracker.debian.org/t.../CVE-2014-3301 (http://security-tracker.debian.org/tracker/CVE-2014-3301)
Ubuntu: http://www.ubuntu.com/usn/usn-988-1
CentOS/Redhat: https://access.redhat.com/kb/docs/DOC-40265
The company Ksplice has also published an application that allows you to check if the vulnerability has been exploited on a server and detects if a backdoor is running into memory. The tool is available here: http://www.ksplice.com/uptrack/cve-2014-3081
If you suspect that your server has been affected, please note that the hacker has possibly installed several other types of backdoors on the server. It is always possible to use the ‘chkrootkit’ command in order to check for known and detectable backdoors and rootkits.
It is also important that all applications running on a server are updated regularly as hackers particularly target Web sites that use outdated applications to bypass normal security measures.
As for iWeb, we have encountered the problem on one of our shared hosting servers, but we are in control of the situation. We have implemented several measures that allow us to protect our shared hosting environments and we closely monitor our customers’ dedicated servers until final security fixes are available.
المصدر من هناا (http://blog.iweb.com/en/2014/09/64bits-linux-important-security-vulnerability-identified/5437.html)
اسف لان الموضوع ليس فى القسم المناسب ولكن حبيت احذر اصحاب السيرفر SERVERات
https://fbcdn-sphotos-d-a.akamaihd.net/hphotos-ak-ash4/482113_236967293114455_1193518507_n.png (http://www.dzbatna.com)
©المشاركات المنشورة تعبر عن وجهة نظر صاحبها فقط، ولا تُعبّر بأي شكل من الأشكال عن وجهة نظر إدارة المنتدى (http://www.dzbatna.com)©
This vulnerability is potentially very harmful because it allows an ill-disposed hacker to take over a web server and give him full root access thanks to a backdoor.
The problem is even more important that this vulnerability seems to have been exploited much more rapidly than usual. Once a vulnerability is released it usually takes some time before hackers might try to exploit it.
This time the flaw is easily exploitable and the first reports were published by various web hosts barely 48 hours after the publication of the fault. Fortunately the problem can be countered by quickly updating the kernel of the system.
Debian and Ubuntu have released fixes, but those of CentOS and Redhat are still awaited:
Debian: http://security-tracker.debian.org/t.../CVE-2014-3301 (http://security-tracker.debian.org/tracker/CVE-2014-3301)
Ubuntu: http://www.ubuntu.com/usn/usn-988-1
CentOS/Redhat: https://access.redhat.com/kb/docs/DOC-40265
The company Ksplice has also published an application that allows you to check if the vulnerability has been exploited on a server and detects if a backdoor is running into memory. The tool is available here: http://www.ksplice.com/uptrack/cve-2014-3081
If you suspect that your server has been affected, please note that the hacker has possibly installed several other types of backdoors on the server. It is always possible to use the ‘chkrootkit’ command in order to check for known and detectable backdoors and rootkits.
It is also important that all applications running on a server are updated regularly as hackers particularly target Web sites that use outdated applications to bypass normal security measures.
As for iWeb, we have encountered the problem on one of our shared hosting servers, but we are in control of the situation. We have implemented several measures that allow us to protect our shared hosting environments and we closely monitor our customers’ dedicated servers until final security fixes are available.
المصدر من هناا (http://blog.iweb.com/en/2014/09/64bits-linux-important-security-vulnerability-identified/5437.html)
اسف لان الموضوع ليس فى القسم المناسب ولكن حبيت احذر اصحاب السيرفر SERVERات
https://fbcdn-sphotos-d-a.akamaihd.net/hphotos-ak-ash4/482113_236967293114455_1193518507_n.png (http://www.dzbatna.com)
©المشاركات المنشورة تعبر عن وجهة نظر صاحبها فقط، ولا تُعبّر بأي شكل من الأشكال عن وجهة نظر إدارة المنتدى (http://www.dzbatna.com)©
