FREAK: OpenSSL vulnerability (CVE-2015-0204)
Posted by Steve N on 05 March 2015 11:02 PM
In January 2015, Red Hat Product Security addressed the CVE-2015-0204 vulnerability in OpenSSL with this advisory: RHSA-2015-0066. The vulnerability was rated as

Background Information
OpenSSL clients accepted EXPORT-grade (insecure) keys even when the client had not initially asked for them. This could be exploited using a man-in-the-middle attack,

Impact
While the use of EXPORT-grade ciphers is disabled by default in OpenSSL shipped with the latest versions of Red Hat Enterprise Linux (6.6 and 7.0), it can be enabled

The version of OpenSSL shipped with Red Hat Enterprise Linux 5 is also affected. As Red Hat Enterprise Linux 5 is now in the Production 3 phase of the support and

Resolution
To eliminate the possibility of exploitation, install the updated OpenSSL packages that have been made available through this advisory: RHSA-2015-0066. To install the updates, use the yum package manager as follows: yum update

To only update the OpenSSL package and its dependencies, use: yum update openssl

You can check for the FREAK vulnerability using the following link: http://www.nagios.com/freak-vulnerability-tester
If you find your server still has this vulnerability, please feel free to contact our support ASAP.
GHOST Vulnerability (CVE-2015-0235)
Posted by Steve N on 28 January 2015 11:47 PM
On 27 January 2015, a vulnerability in all versions of the GNU C library (glibc) was announced by Qualys. The issue was a buffer overflow during DNS hostname resolution. Disclosure of this issue was coordinated with the various operating system vendors, and patches were made available by Red Hat soon after the initial announcement went out.

Impact
The updated RPMs provided by Red Hat, CentOS and CloudLinux should contain a changelog entry with the CVE number. You can check for this changelog entry with the following command:

https://documentation.cpanel.net/display/CKB/CVE-2015-0235+GHOST

We have deployed updates to all servers which have ntServerGuard installed. Servers without ntServerGuard are being patched/updated manually. If you find your server still has this vulnerability, please feel free to contact our support team ASAP.
POODLE - SSLv3 Vulnerability
Posted by Anthony N on 16 October 2014 05:23 PM
POODLE stands for Padding Oracle On Downgraded Legacy Encryption. This vulnerability allows a man-in-the-middle attacker to decrypt ciphertext using a padding oracle side-channel attack. Please read more about this at the following URLs:
https://access.redhat.com/node/1232123
http://www.percona.com/blog/2014/10/15/how-to-close-poodle-sslv3-security-flaw-cve-2014-3566/

We have deployed configuration changes to all servers which have ntServerGuard installed to disable SSLv3. Servers without ntServerGuard are being patched manually. If you find your server still has this vulnerability, please feel free to contact our support team ASAP.

UPDATE: The patched OpenSSL package has been released already. For cPanel servers, the package will be updated along with UPCP. We have pushed the update via ntSG already.
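Added here as an illustration of the two server-side checks the POODLE and FREAK posts imply (SSLv3 disabled; EXPORT-grade ciphers excluded): a POSIX shell audit of an Apache mod_ssl configuration, run over constructed sample files. This is not code from the original posts or from ntServerGuard; the directive names are Apache's, and treating a missing directive as unsafe is an assumption.

```shell
#!/bin/sh
# Added example (not from the original posts): audit an Apache mod_ssl config
# for SSLv3 still enabled (POODLE) and EXPORT-grade ciphers not excluded
# (FREAK). Assumes one global SSLProtocol and one SSLCipherSuite directive
# per file, written with canonical casing.

# Returns 0 (true) if SSLv3 is still negotiable according to SSLProtocol.
sslv3_enabled() {
    proto=$(awk 'tolower($1)=="sslprotocol" {$1=""; print}' "$1")
    # Assumption: no directive means httpd's old default "all", which had SSLv3.
    if [ -z "$proto" ]; then return 0; fi
    case " $proto " in
        *" -SSLv3 "*) return 1 ;;                       # explicitly disabled
        *" all "*|*" +SSLv3 "*|*" SSLv3 "*) return 0 ;; # enabled
        *) return 1 ;;                                  # only TLS listed
    esac
}

# Returns 0 (true) if the cipher string does not explicitly drop EXPORT suites.
export_ciphers_allowed() {
    suite=$(awk 'tolower($1)=="sslciphersuite" {print $2}' "$1" | tr -d '"')
    if [ -z "$suite" ]; then return 0; fi   # no directive: treat as not hardened
    case ":$suite:" in
        *":!EXPORT:"*|*":!EXP:"*) return 1 ;;  # !EXP is OpenSSL's alias for !EXPORT
        *) return 0 ;;
    esac
}

# Prints one WARN line per finding; the exit status is the number of findings.
audit_ssl_conf() {
    n=0
    if sslv3_enabled "$1"; then
        echo "WARN $1: SSLv3 enabled (POODLE, CVE-2014-3566)"; n=$((n + 1))
    fi
    if export_ciphers_allowed "$1"; then
        echo "WARN $1: EXPORT ciphers not excluded (FREAK, CVE-2015-0204)"; n=$((n + 1))
    fi
    return $n
}

# Constructed sample configs (not from any real server): weak and hardened.
WEAK_FILE=$(mktemp); HARD_FILE=$(mktemp)
printf 'SSLProtocol all\nSSLCipherSuite ALL:!aNULL\n' > "$WEAK_FILE"
printf 'SSLProtocol all -SSLv2 -SSLv3\nSSLCipherSuite "HIGH:!aNULL:!MD5:!EXPORT:!RC4"\n' > "$HARD_FILE"

audit_ssl_conf "$WEAK_FILE"                                   # two WARN lines
audit_ssl_conf "$HARD_FILE" && echo "OK $HARD_FILE: no findings"
```

Point the functions at a real ssl.conf path to audit a live configuration; the exit status of audit_ssl_conf can drive a monitoring check.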
BASH vulnerability in RHEL based systems
Posted by Anthony N on 24 September 2014 10:29 PM
There is a reported vulnerability for BASH on RHEL based distributions. This affects the following versions:
Red Hat Enterprise Linux 4/5/6/7, CentOS 4/5/6/7
Please read more about it at https://access.redhat.com/articles/1200223
We have pushed the patch for this vulnerability to all servers that we directly manage via ntServerGuard. The patch will be applied to all servers with ntServerGuard in the next few hours. For servers running without ntServerGuard, we have pushed updates manually. If you notice BASH is still older on your server, please feel free to contact support.

PS: We are aware that the security flaw is not completely fixed yet. We will keep an eye on it and will deploy the changes as soon as the update is available.

WHAT WE HAVE DONE TO THIS
===========================
1. Deployed the BASH update to all servers as soon as the initial patch was available.
2. When news came out saying it was an incomplete patch, the mod_sec rule recommended by Red Hat was deployed via ntServerGuard to prevent exploitation via HTTP.
3. When the complete fix was available, pushed the update via ntServerGuard.
OpenSSL security updates - CVE-2014-0224 and CVE-2014-0221
Posted by Anthony N on 05 June 2014 07:05 PM
There is a security update for OpenSSL, which is marked as critical and recommended to update as soon as possible. You can read more about this at http://www.openssl.org/news/secadv_20140605.txt.

All the servers which come under the Per Server Managed Plan are patched already.

We are now pushing updates to the other managed servers. Please email support[at]nixtree.com if you need to know whether the update has been pushed to your servers already.
OpenSSL Heartbleed Vulnerability
Posted by Anthony N on 08 April 2014 04:35 PM
The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs). It is highly recommended that you upgrade OpenSSL on all of your servers to one of the patched versions and also ensure that any other software using OpenSSL is patched as well. It would also be a good idea to replace any private keys and revoke the corresponding certificates, as this vulnerability has apparently been known for a couple of years now.

The patch has been applied to ALL our per server management clients already.