apache « Tips On Security

Kirill Ermakov recently posted a study he did of SELinux protections against a vulnerable Apache server. After reading the study you might come a way with the idea that SELinux did not block anything

Read the original:
Dan Walsh's Blog – SELinux Apache Security Study

Comments (0)

July 25, 2012

Server Configuration – Basic Security Part 7 « Coffee on the Keyboard

Filed under: Security — Tags: apache, apache-or-nginx, posts-on-web, probably-spent, Security, seventh, the-seventh, time-configuring, web-application — admin @ 2:27 pm

NB: This is the seventh post in a series of posts on web application security .

Continued here:
Server Configuration – Basic Security Part 7 « Coffee on the Keyboard

Comments (0)

July 3, 2012

Red Hat Security Advisory 2012-1053-01 ≈ Packet Storm

Filed under: Security — Tags: advisory, ajp, apache, based-load, forwards-requests, from-httpd, https, Security, server — admin @ 4:28 pm

Red Hat Security Advisory 2012-1053-01 – mod_cluster is an Apache HTTP Server based load balancer that forwards requests from httpd to application server nodes. It can use the AJP, HTTP, or HTTPS protocols for …

Continue reading here:
Red Hat Security Advisory 2012-1053-01 ≈ Packet Storm

Comments (0)

Red Hat Security Advisory 2012-1052-01 ≈ Packet Storm

Filed under: Security — Tags: advisory, ajp, apache, based-load, forwards-requests, from-httpd, https, Security, server — admin @ 4:28 pm

Red Hat Security Advisory 2012-1052-01 – mod_cluster is an Apache HTTP Server based load balancer that forwards requests from httpd to application server nodes. It can use the AJP, HTTP, or HTTPS protocols for …

Comments (0)

Debian Security Advisory 2506-1 ≈ Packet Storm

Filed under: Security — Tags: advisory, apache, debian-linux, linux, malware-research, qualys, qualys-vulnerability, Security — admin @ 4:26 pm

Debian Linux Security Advisory 2506-1 – Qualys Vulnerability and Malware Research Labs discovered a vulnerability in ModSecurity, a security module for the Apache webserver. In situations where present in HTTP headers, …

Go here to see the original:
Debian Security Advisory 2506-1 ≈ Packet Storm

Comments (0)

May 22, 2012

Red Hat Security Advisory 2012-0679-01 ≈ Packet Storm

Filed under: Security — Tags: advisory, apache, apache-tomcat, enterprise, includes-the-tomcat, java, pages, Security, server, server-pages, servlet-container, tomcat, tomcat-native — admin @ 12:22 am

Red Hat Security Advisory 2012-0679-01 – Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. JBoss Enterprise Web Server includes the Tomcat Native library, providing Apache …

Read this article:
Red Hat Security Advisory 2012-0679-01 ≈ Packet Storm

Comments (0)

May 11, 2012

Red Hat Security Advisory 2012-0570-01 ≈ Packet Storm

Filed under: Security — Tags: advisory, apache, command-line, commonly-used, php, Security, the-php-cgi, the-way — admin @ 9:47 pm

Red Hat Security Advisory 2012-0570-01 – PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the php-cgi executable processed command line …

See the rest here:
Red Hat Security Advisory 2012-0570-01 ≈ Packet Storm

Comments (0)

May 10, 2012

Debian Security Advisory 2468-1 ≈ Packet Storm

Filed under: Security — Tags: advisory, apache, arbitrary-amounts, debian-linux, file-formats, linux, microsoft, microsoft-office, poi, processing-crafted, Security — admin @ 4:02 am

Debian Linux Security Advisory 2468-1 – It was discovered that Apache POI, a Java implementation of the Microsoft Office file formats, would allocate arbitrary amounts of memory when processing crafted documents.

Excerpt from:
Debian Security Advisory 2468-1 ≈ Packet Storm

Comments (0)

Older Posts »