Support

Blog

Browsing all articles tagged with exploit

Yet another SSL vulnerability has hit the news – the Poodle SSLv3 vulnerability.

Our servers are already patched against this (we’ve disabled SSLv2 and SSLv3 functionality, and use TLS).

You can check this on the 3rd party site here –

https://www.ssllabs.com/ssltest/analyze.html?d=mail.computersolutions.cn&s=211.144.68.16

Unfortunately this now means that Windows XP and IE6 are no longer supported.

Our rating from the SSLLabs checker is below.
Note that the A- rating is due to our certificate, not our security!

(We can only update that in 2016 when it comes up for renewal).

Screen Shot 2014-10-16 at 12.16.32 AM

SSL negotiation in use on our server
Screen Shot 2014-10-16 at 12.13.43 AM

Those of you who follow tech news may have heard about the HeartBleed vulnerability.

This is a rather large bug in SSL libraries in common use that allows an attacker to get unsolicited data from an affected server. Typically this data contains user / password details for user accounts, or secret keys used by servers to encrypt data over SSL.

Once the exploit was released, we immediately tested our own servers to see if we were vulnerable. We use an older non-affected version of SSL, so none of our services are/were affected.

Unfortunately a lot of larger commercial services were affected.

Yahoo in particular was slow to resolve the issue, and I would assume that any users passwords are compromised.

We ourselves saw user/passwords ourselves when we tested the vulnerability checker against Yahoo..

We advise you to change your passwords, especially if the same password was used other sites, as you can safely assume that passwords on other services are compromised.

I also strongly recommend this action for any users of online banking.

There is a list of affected servers here –
https://github.com/musalbas/heartbleed-masstest/blob/master/top1000.txt

Further information about this vulnerability is available here –
http://heartbleed.com/

Foreword – Note that none of our servers are vulnerable to remote inclusion attacks.

For the most part, most of the exploits I covered in yesterdays post are common garden php vulnerability scans.
Some of them are more interesting though, although more for being encrypted, than anything else.

If I take an example from our log files:
Read more »

Archives

Categories

Tags

PHOTOSTREAM