[4eyes] [COE #52579] Vulnerabilities Found on 128.111.28.114 and 128.111.28.90
Byungkyu Kang
bkang at umail.ucsb.edu
Thu May 30 22:37:53 PDT 2013
Hi Matthew,
These two IP addresses seem to be my computer and a Linux server in the trailer. I will take the following actions in the early morning tomorrow.
Thanks,
Jay
On May 30, 2013, at 5:41 PM, "Matthew Turk" <mturk at cs.ucsb.edu> wrote:
> Everyone please check your machine's IP address. We have two vulnerabilities that need to be addressed pronto - on machines 128.111.28.114 and 128.111.28.90. Please see the email below from IT. Also, please let me know if this is yours (not to assign blame, just so we know it's being taken care of).
>
> Thanks,
> Matthew
>
> -----Original Message-----
> From: Accepted via CoE Support [mailto:help at engineering.ucsb.edu]
> Sent: Thursday, May 30, 2013 3:31 PM
> To: turk at cs.ucsb.edu; vsc at oit.ucsb.edu
> Subject: [COE #52579] Vulnerabilities Found on 128.111.28.114 and 128.111.28.90
>
> The following reply has been made regarding CoE Support ticket #52579:
>
> Hi Matthew, A recent scan by OIT revealed vulnerabilities in these two hosts.
> I've attached the full report for your review, but basically Apache and PHP need to be updated to the latest version. The other vulnerability is on ilab-90 and involves debugging functions on the remote web server. I've included the entry below for that along with the solution. Please let us know if you have any questions,
>
> Best regards,
> Troy : )
>
>
> REF:
>
> Debugging functions are enabled on the remote web server.
>
> Description :
>
> The remote web server supports the TRACE and/or TRACK methods. TRACE and TRACK are HTTP methods that are used to debug web server connections.
>
> See also :
>
> http://www.cgisecurity.com/whitehat-mirror/WH-WhitePaper_XST_ebook.pdf
> http://www.apacheweek.com/issues/03-01-24
> http://download.oracle.com/sunalerts/1000718.1.html
>
> Solution :
>
> Disable these methods. Refer to the plugin output for more information.
>
> Plugin output :
>
> To disable these methods, add the following lines for each virtual host in your configuration file :
>
> RewriteEngine on
> RewriteCond %{REQUEST_METHOD} ^(TRACE
>
>
> -
> --
> Troy Smith : )
> ECI Tech Support
> University of California, Santa Barbara
> help at engineering.ucsb.edu
>
>
>
> _______________________________________________
> Ilab-users mailing list
> Ilab-users at lists.cs.ucsb.edu
> https://lists.cs.ucsb.edu/mailman/listinfo/ilab-users
>
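A way to confirm the fix the scan report asks for, as an added example that is not part of the original thread or the OIT report: send TRACE and TRACK with a marker header and report a method as enabled only if the server echoes the marker back. The two local handlers, the `X-Trace-Probe` header name and the canary value are constructed for the demonstration.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

CANARY = "canary-1234"  # constructed marker sent in a hypothetical X-Trace-Probe header

class HardenedHandler(BaseHTTPRequestHandler):
    """Constructed stand-in for a fixed server: no do_TRACE/do_TRACK, so it answers 501."""
    def log_message(self, *args):  # keep the demo quiet
        pass

class EchoingHandler(HardenedHandler):
    """Constructed stand-in for the flagged behaviour: echoes the request back."""
    def do_TRACE(self):
        body = (self.requestline + "\r\n" + str(self.headers)).encode("latin-1")
        self.send_response(200)
        self.send_header("Content-Type", "message/http")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)
    do_TRACK = do_TRACE

def debug_methods_enabled(host, port, timeout=5):
    """Return the debug methods the server answers by echoing our header back."""
    enabled = []
    for method in ("TRACE", "TRACK"):
        conn = http.client.HTTPConnection(host, port, timeout=timeout)
        try:
            conn.request(method, "/", headers={"X-Trace-Probe": CANARY})
            resp = conn.getresponse()
            body = resp.read().decode("latin-1")
        finally:
            conn.close()
        # A status code alone is ambiguous; the echoed canary is the actual finding.
        if resp.status == 200 and CANARY in body:
            enabled.append(method)
    return enabled

def demo():
    results = {}
    for name, handler in (("echoing", EchoingHandler), ("hardened", HardenedHandler)):
        srv = HTTPServer(("127.0.0.1", 0), handler)
        threading.Thread(target=srv.serve_forever, daemon=True).start()
        try:
            results[name] = debug_methods_enabled("127.0.0.1", srv.server_address[1])
        finally:
            srv.shutdown()
            srv.server_close()
    return results
```

Calling `demo()` runs the check against both local stand-ins; against a real host you administer, call `debug_methods_enabled(host, port)` before and after the configuration change and expect an empty list afterwards.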