[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250363

 
 

909

 
 

196124

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 195386 Download | Alert*

The host is installed with IrfanView 4.56 and is prone to an unrestricted file upload vulnerability. A flaw is present in the application, which fails to handle an error processing parsing files of type .pcx. Successful exploitation could allow attackers to cause out-of-bounds writing and denial of service.

The gpgcheck option should be used to ensure that checking of an RPM package's signature always occurs prior to its installation.

The dovecot service should be disabled if possible.

Monitor scope changes for system administrations. If the system has been properly configured to force system administrators to log in as themselves first and then use the sudo command to execute privileged commands, it is possible to monitor changes in scope. The file /etc/sudoers will be written to when the file or its attributes have changed. The audit records will be tagged with the identifier ...

Record events affecting the group, passwd (user IDs), shadow and gshadow (passwords) or /etc/security/opasswd (old passwords, based on remember parameter in the PAM configuration) files. The parameters in this section will watch the files to see if they have been opened for write or have had attribute changes (e.g. permissions) and tag them with the identifier "identity" in the audit log file. Un ...

System time should be synchronized between all systems in an environment. This is typically done by establishing an authoritative time server or set of servers and having all systems synchronize their clocks to them.

All password hashes should be shadowed.

chrony is a daemon which implements the Network Time Protocol (NTP) is designed to synchronize system clocks across a variety of systems and use a source that is highly accurate. More information on chrony can be found at http://chrony.tuxfamily.org/. chrony can be configured to be a client and/or a server.

Verify that Shared Library Files Have Restrictive Permissions (/lib, /lib64, /usr/lib or /usr/lib64) should be configured appropriately.

Verify that Shared Library Files Have Root Ownership (/lib, /lib64, /usr/lib or /usr/lib64) should be configured appropriately.


Pages:      Start    10906    10907    10908    10909    10910    10911    10912    10913    10914    10915    10916    10917    10918    10919    ..   19538

© SecPod Technologies