Forwarded from DailyCVE
π΅CuteSoft Cute Editor cross-site scripting vulnerability:
https://dailycve.com/cutesoft-cute-editor-cross-site-scripting-vulnerability-0
https://dailycve.com/cutesoft-cute-editor-cross-site-scripting-vulnerability-0
Dailycve
CuteSoft Cute Editor cross-site scripting vulnerability | CVE
Details:
CuteSoft Cute Editor is an HTML editor made in the United States by CuteSoft that can be used for PHP and ASP editing. The Cute Editor for ASP.NET 6.4 has a cross-site scripting flaw that enables remote attackers to run scripts on the victim'sβ¦
Forwarded from DailyCVE
Dailycve
PHP security vulnerabilities | CVE
Details:
PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is a universal programming scripting language open source that the PHP project collectively manages. Mainly used for Web creation, this language supports various databases and operatingβ¦
Forwarded from DailyCVE
π΅Joomla!ACL write conflict vulnerability patch:
https://dailycve.com/joomlaacl-write-conflict-vulnerability-patch
https://dailycve.com/joomlaacl-write-conflict-vulnerability-patch
Dailycve
Joomla!ACL write conflict vulnerability patch | CVE
Details:
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Forwarded from DailyCVE
π΅Vidyo clickjacking vulnerability CVE-2020-35735:
https://dailycve.com/vidyo-clickjacking-vulnerability-cve-2020-35735
https://dailycve.com/vidyo-clickjacking-vulnerability-cve-2020-35735
Dailycve
Vidyo clickjacking vulnerability CVE-2020-35735 | CVE
Details:
Vidyo is a platform from Vidyo, USA that is used to support video conferencing.
Vidyo update 02-09-/D has a clickjacking flaw. The weakness stems from X-Frame-Options and other methods of security not being set. This weakness can be used byβ¦
Forwarded from UNDERCODE NEWS
Japan's 5G hit directly by Corona, can it be rebuilt in 2021?
#Technologies
#Technologies
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ How to properly protect sysctl on Linux from spoofing and Syn flooding:
Includes protection against incorrect error messages
Enable SYN cookies to prevent the server from dropping connections when the SYN queue is full
Increase SYS queue size to 2048
W akryvayut state SYN_RECV compound pre
Decrease SYN_RECV timeout value to help mitigate SYN flood attack
Save and close the file.
π¦How to reload the configuration ?
You can reload the configuration with the command:
sudo sysctl -p
I found that the sysctl -p command did not load the tcp_max_syn_backlog correctly.
Only after a reboot was the value 2048 added.
So, after running the sudo sysctl -p command, enter the command:
sudo less / proc / sys / net / ipv4 / tcp_max_syn_backlog
Make sure the value shown is 2048.
If the value is less, restart the server.
At this point, your Linux server should be better protected against SYN attacks and IP spoofing.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ How to properly protect sysctl on Linux from spoofing and Syn flooding:
This configuration will be as follows:π¦How to edit sysctl config file ?
Disable IP forwarding
Disable packet forwarding
Disable accepting ICMP redirects
Enable protection against incorrect error messages
What you need:
Linux OS
User with sudo privileges
Log into your Linux server or desktop and open a terminal window.π¦In the terminal enter the command:
sudo nano /etc/sysctl.confπ¦The above settings do the following:
First required parameter:
# net.ipv4.ip_forward = 1
change to:
net.ipv4.ip_forward = 0
Next line:
# net.ipv4.conf.all.send_redirects = 0
change to:
net.ipv4.conf.all.send_redirects = 0
Find the line:
# net.ipv4.conf.all.accept_redirects = 0
change to:
net.ipv4.conf.all.accept_redirects = 0
Add the following line below that:
net.ipv4.conf.default.accept_redirects = 0
Finally, add the following lines to the end of the file:
net.ipv4.icmp_ignore_bogus_error_responses = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_syn_backlog = 2048
net.ipv4.tcp_synack_retries = 3
net.ipv4.netfilter.ip_conpntracktime
Includes protection against incorrect error messages
Enable SYN cookies to prevent the server from dropping connections when the SYN queue is full
Increase SYS queue size to 2048
W akryvayut state SYN_RECV compound pre
Decrease SYN_RECV timeout value to help mitigate SYN flood attack
Save and close the file.
π¦How to reload the configuration ?
You can reload the configuration with the command:
sudo sysctl -p
I found that the sysctl -p command did not load the tcp_max_syn_backlog correctly.
Only after a reboot was the value 2048 added.
So, after running the sudo sysctl -p command, enter the command:
sudo less / proc / sys / net / ipv4 / tcp_max_syn_backlog
Make sure the value shown is 2048.
If the value is less, restart the server.
At this point, your Linux server should be better protected against SYN attacks and IP spoofing.
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from DailyCVE
Dailycve
Jsonpickle code issue vulnerability | CVE
Details:
Jsonpickle is a Python-based program developed by Jsonpickle's personal creator to support Python object serialization with Json.
Release 1.4.1 and previous versions of jsonpickle provide a code problem flaw that enables remote code executionβ¦
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Forwarded from DailyCVE
π΅Egavilan Media EGM Address Book SQL injection leak:
https://dailycve.com/egavilan-media-egm-address-book-sql-injection-leak
https://dailycve.com/egavilan-media-egm-address-book-sql-injection-leak
Dailycve
Egavilan Media EGM Address Book SQL injection leak... | CVE
Details:
The Egavilan Media EGM Address Book is a communication information management site (address book) coordinated in the United States by Egavilan Media.
Version 1.0 of the EGavilan Media EGM Address Book has a SQL injection flaw. This vulnerabilityβ¦
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to configure a host-based intrusion detection system on CentOS?
One of the first security measures that any system administrator wants to deploy on its production server is a mechanism to detect file tampering-criminals tamper with not only file content, but also file attributes.
AIDE (full name "Advanced Intrusion Detection Environment") is a host-based open source intrusion detection system. AIDE checks the integrity of system binary files and basic configuration files by checking the inconsistency of many file attributes. These file attributes include permissions, file types, inodes, number of links, link names, users, user groups, and file sizes. , Block count, modification time, access time, creation time, access control list (acl), SELinux security context, xattrs and md5/sha checksum.
AIDE builds a file attribute database by scanning the file system of a (untampered) Linux server. Then, it checks the file attributes of the server against the database, and then issues a warning if there are any changes to the index file while the server is running. It is for this reason that whenever the system is updated or the configuration file is changed due to legitimate reasons, AIDE must re-index the protected files.
For some customers, their security policy may require some kind of intrusion detection system (IDS) to be installed on the server. But whether the customer requires IDS or not, it is a good practice for system administrators to deploy IDS.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to configure a host-based intrusion detection system on CentOS?
One of the first security measures that any system administrator wants to deploy on its production server is a mechanism to detect file tampering-criminals tamper with not only file content, but also file attributes.
AIDE (full name "Advanced Intrusion Detection Environment") is a host-based open source intrusion detection system. AIDE checks the integrity of system binary files and basic configuration files by checking the inconsistency of many file attributes. These file attributes include permissions, file types, inodes, number of links, link names, users, user groups, and file sizes. , Block count, modification time, access time, creation time, access control list (acl), SELinux security context, xattrs and md5/sha checksum.
AIDE builds a file attribute database by scanning the file system of a (untampered) Linux server. Then, it checks the file attributes of the server against the database, and then issues a warning if there are any changes to the index file while the server is running. It is for this reason that whenever the system is updated or the configuration file is changed due to legitimate reasons, AIDE must re-index the protected files.
For some customers, their security policy may require some kind of intrusion detection system (IDS) to be installed on the server. But whether the customer requires IDS or not, it is a good practice for system administrators to deploy IDS.
β β β Uππ»βΊπ«Δπ¬πβ β β β