Overview POODLE is an security vulnerability in SSLv3 discovered by Google. POODLE stands for Padding Oracle On Downgraded Legacy Encryption. All the websites supporting SSLv3 is vulnerable to POODLE, even if it also supports more recent versions of TLS. Using POODLE a hacker run Man-in-the-middle attacks attacks in your network[...]
Read moreCategory: Vulnerabilities & Fixes
Sweet 32 Attack - Apache
Overview Sweet32 affects TLS ciphers, also OpenSSL consider Triple DES cipher is now vulnerable as RC4 cipher . The DES ciphers (and triple-DES) only have a 64-bit block size. This enables an attacker to run JavaScript in a browser and send large amounts of traffic during the same TLS connection, creating[...]
Read moreSweet 32 Attack - IHS
Overview Sweet32 affects TLS ciphers, also OpenSSL consider Triple DES cipher is now vulnerable as RC4 cipher . The DES ciphers (and triple-DES) only have a 64-bit block size. This enables an attacker to run JavaScript in a browser and send large amounts of traffic during the same TLS connection,[...]
Read moreDenial of Service or Slow Loris – Apache/IHS
Overview A Slowloris or Slow HTTP DoS attack is a type of denial of service that can affect thread-based web servers such as Apache. This means that your Apache web servers for Faspex or Console are vulnerable to this attack (applications based on nginx, such as Shares, are safe). The attack exploits[...]
Read moreArbitary File Download Vulnerability
Overview Some websites may provide file viewing or download functionality because of business needs. If you do not limit user from viewing or downloading files, a malicious user may attempt to view or download any file from your server. Attackers may construct malicious requests to download sensitive files from the[...]
Read moreOracle WebLogic Java Deserialization Vulnerability (CVE-2018-2628)
Overview Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server via unsafe deserialization of Java objects. Successful[...]
Read moreDisable WebServer Banner Apache/IHS
Overview Don’t display or send Apache version (Set ServerTokens) By default, the server HTTP response header will contains apache and php version. Something similar to the following. This is harmful, as we don’t want an attacker to know about the specific version number. Apache can reveal information by default configuration,[...]
Read moreWebserver Directory traversal
Webserver Directory traversal Overview File path traversal attack or directory traversal attack in web application is a common security issue.In this a hacker can get access to the files or directories of a webserver through the web url which will lead to major security issues. If you are using Apache[...]
Read morePOODLE fix in Weblogic
POODLE fix in Oracle weblogic server Overview Newer versions of web browsers (e.g. Chrome) are now configured with policies which only allow websites or portal which enforce the strongest encryption technology to be viewed. SSL version 3 is no more secure due to POODLE attack. Most of the browser[...]
Read moreOracle Weblogic Basic Authentication
Overview Oracle WebLogic Server authentication is enabled by default. However, this configuration prevents Oracle WebLogic Server from using application managed authentication. You must disable Oracle WebLogic Server authentication by setting the enforce-valid-basic-auth-credentials parameter to false. Procedure To disable Oracle WebLogic Server authentication: In a text editor, open the xmlfile from the domain folder. The config.xml file is in the Oracle/Middleware/user_projects/domains/domain_name/config directory. Locate the <security-configuration> Add the[...]
Read more