[4eyes] [COE #52579] Vulnerabilities Found on 128.111.28.114 and 128.111.28.90
Matthew Turk
mturk at cs.ucsb.edu
Thu May 30 17:40:34 PDT 2013
Everyone please check your machine's IP address. We have two vulnerabilities that need to be addressed pronto - on machines 128.111.28.114 and 128.111.28.90. Please see the email below from IT. Also, please let me know if this is yours (not to assign blame, just so we know it's being taken care of).
Thanks,
Matthew
-----Original Message-----
From: Accepted via CoE Support [mailto:help at engineering.ucsb.edu]
Sent: Thursday, May 30, 2013 3:31 PM
To: turk at cs.ucsb.edu; vsc at oit.ucsb.edu
Subject: [COE #52579] Vulnerabilities Found on 128.111.28.114 and 128.111.28.90
The following reply has been made regarding CoE Support ticket #52579:
Hi Matthew, A recent scan by OIT revealed vulnerabilities in these two hosts.
I've attached the full report for your review, but basically Apache and PHP need to be updated to the latest version. The other vulnerability is on ilab-90 and involves debugging functions on the remote web server. I've included the entry below for that along with the solution. Please let us know if you have any questions,
Best regards,
Troy : )
REF:
Debugging functions are enabled on the remote web server.
Description :
The remote web server supports the TRACE and/or TRACK methods. TRACE and TRACK are HTTP methods that are used to debug web server connections.
See also :
http://www.cgisecurity.com/whitehat-mirror/WH-WhitePaper_XST_ebook.pdf
http://www.apacheweek.com/issues/03-01-24
http://download.oracle.com/sunalerts/1000718.1.html
Solution :
Disable these methods. Refer to the plugin output for more information.
Plugin output :
To disable these methods, add the following lines for each virtual host in your configuration file :
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE
-
--
Troy Smith : )
ECI Tech Support
University of California, Santa Barbara
help at engineering.ucsb.edu