During a code audit performed internally at Qualys, a buffer overflow in the GNU C Library (glibc) was found. Qualys worked closely with Linux distribution vendors to create a patch for all distributions impacted. Vendors made the patch available Wednesday January 28, 2015. GHOST exposes a buffer overflow that can be triggered locally and remotely… Read more »
Posts Categorized: Ubuntu
Introduction On October 14th, 2014, POODLE (Padding Oracle On Downgraded Legacy Encryption), a vulnerability in version 3 of the SSL encryption protocol was disclosed. This vulnerability allows an attacker to read information encrypted with this version of the protocol in plain text using a man-in-the-middle attack. Even though SSLv3 is an older version and is… Read more »
Managing Partner, David M. Zendzian, will be giving a short presentation on SSL/TLS protocol, security and configuration issues on Brighttalk tomorrow at 12 EST. SSL is a well designed protocol to ensure communications between two points are secured and that 3rd parties are not able to view the protected communications. As such many applications have… Read more »
A weakness has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems. As a result of this weakness, certain encryption keys are much more common than they should be, such that an attacker could guess the key through a brute-force attack given minimal knowledge of the system. This particularly… Read more »
Build Your Own Debian/Ubuntu LAMP Server – Quick & Easy Do it Yourself Installation Apache 2 – Linux Web server MySQL 5 – MySQL Database Server PHP4/5 – PHP Scripting Language phpMyAdmin – Web-based database admin software. Note: Linux + Apache + MySQL + PHP/Perl together commonly known as LAMP Server.