Albertech.net » security

Albertech.net » security http://albertech.net Guides and Reviews for WordPress, PHP, MySQL, Apache, CMS Systems, jQuery, and other Technologies Fri, 11 May 2012 23:39:47 +0000 en hourly 1 http://wordpress.org/?v=3.3.2 PHP 5.4.3 and PHP 5.3.13 released – important security fix for php cgi http://albertech.net/2012/05/php-5-4-3-and-php-5-3-13-released-important-security-fix-for-php-cgi/ http://albertech.net/2012/05/php-5-4-3-and-php-5-3-13-released-important-security-fix-for-php-cgi/#comments Fri, 11 May 2012 22:45:47 +0000 admin http://albertech.net/?p=1018 php-cgi, there is a major vulnerability that will allow attackers to view and run PHP source code on your site. Resources on the vulnerability: http://blog.spiderlabs.com/2012/05/honeypot-alert-active-exploit-attempts-for-php-cgi-vuln.html http://blog.sucuri.net/2012/05/php-cgi-vulnerability-exploited-in-the-wild.html http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/

Many nginx setups use php-cgi, so it is critical to patch PHP to the latest version or apply the recommended fixes through Apache Rewrite.
Mod_php and php-fpm systems are not vulnerable to this attack. Most Apache web server setups use the mod_php method for PHP.

If you are running an older version of PHP and cannot update to 5.3, you can try using Apache rewrite rules. Here's ... ]]> http://albertech.net/2012/05/php-5-4-3-and-php-5-3-13-released-important-security-fix-for-php-cgi/feed/ 0 CodeIgniter 1.7.2 Security Patch http://albertech.net/2010/08/codeigniter-1-7-2-patch/ http://albertech.net/2010/08/codeigniter-1-7-2-patch/#comments Sat, 14 Aug 2010 06:33:59 +0000 admin http://albertech.net/?p=440 http://codeigniter.com/download_files/CI_1.7.2_201007_sec_patch.zip and unzip the file to the Code Igniter system/libraries folder.]]> http://albertech.net/2010/08/codeigniter-1-7-2-patch/feed/ 0 VMWARE Server 2.02 Update http://albertech.net/2009/11/vmware-server-2-02-update/ http://albertech.net/2009/11/vmware-server-2-02-update/#comments Fri, 13 Nov 2009 19:29:04 +0000 admin http://albertech.net/?p=317 http://albertech.net/2009/11/vmware-server-2-02-update/feed/ 1 WordPress 2.8.2 Released http://albertech.net/2009/07/wordpress-2-8-2-released/ http://albertech.net/2009/07/wordpress-2-8-2-released/#comments Wed, 22 Jul 2009 17:11:51 +0000 admin http://albertech.net/?p=220 WordPress 2.8.2 has been released. This affects both WordPress and WordPress MU. I recommend upgrading your current version since it contains a security fix.

WordPress 2.8.2 fixes an XSS vulnerability. Comment author URLs were not fully sanitized when displayed in the admin. This could be exploited to redirect you away from the admin to another site.

For more details, visit: http://wordpress.org/development/2009/07/wordpress-2-8-2/ You can automatically upgrade WordPress within your control panel, or manually upgrade via: http://wordpress.org/download/ WordPress MU download: http://mu.wordpress.org/download/]]> http://albertech.net/2009/07/wordpress-2-8-2-released/feed/ 0