CentOS 5

New glibc vulnerability found: Patch for CVE-2015-7547 available now!

Posted by Curtis K in Announcements Feb, 17 2016 2 Comments

A new exploit vulnerability has been found: CVE-2015-7547: glibc getaddrinfo stack-based buffer overflow . According to the CVE, "A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, ... Read More...

Critical QEMU Vulnerability – VENOM – affects Xen, KVM, VirtualBox, XenServer

Posted by Curtis K in Administration May, 14 2015 No Comments

What is the VENOM vulnerability? A new vulnerability, dubbed "VENOM" has been discovered, which exploits the virtual floppy drive code in QEMU. This vulnerability potentially allows an attacker to break out of their VM (guest) and gain privileged access to the Host machine, and its guest VMs. The official website, which contains ... Read More...

Criticical BASH vulnerability discovered – update BASH on your CentOS Linux server now!

Posted by Curtis K in Administration Sep, 25 2014 19 Comments

Update #3 - Unsurprisingly with all the attention that BASH is now receiving, additional vulnerabilities (CVE-2014-7186 and CVE-2014-7187) have been discovered. They are currently unresolved. For a more detailed write-up, see: http://www.itnews.com.au/News/396256,further-flaws-render-shellshock-patch-ineffective.aspx - when there are updates available to resolve these issues, I will update this post. Update #2 - A new BASH ... Read More...

Another set of OpenSSL Bugs discovered. Upgrade OpenSSL on your CentOS Linux servers!

Posted by Curtis K in Announcements Jun, 06 2014 4 Comments

A new set of bugs have been identified and patched in OpenSSL. The following new bugs have been patched in the latest release of OpenSSL: CVE-2010-5298 - possible use of memory after free CVE-2014-0195 - buffer overflow via invalid DTLS fragment CVE-2014-0198 - possible NULL pointer dereference CVE-2014-0221 - DoS from invalid DTLS handshake ... Read More...

Ten Useful RPM (RPM Package Manager) Usage Examples

Posted by Curtis K in Administration Feb, 13 2014 No Comments

RPM is the underlying package management system used on CentOS Linux. In this post, we'll go through a couple of common RPM usage examples: 1. List all packages: 2. List a specific package: 3. Install an RPM package: 4. Install OR upgrade an existing RPM package: 5. Remove an RPM package: 6. Remove an RPM package ... Read More...

Spice up your CentOS Shell, Part 1: ZSH

Posted by Curtis K in Administration Mar, 31 2013 No Comments

In this series, we will be installing some useful tools and applications to improve efficiency on the command line. In part 1 of "Spice up your CentOS Shell" we'll be installing ZSH. 1. What is ZSH? ZSH is a powerful Unix shell. You can think of ZSH as an extended version of CentOS' ... Read More...