PHP-CGI Exploit is in the wild. Get protected ASAP.

The vulnerability, which sat undetected for 7 years, was disclosed last week, and today it was announced that exploits have been seen in the wild. The PHP team is working on releasing a new patch. This is pretty bad, as it is not exploiting one particular web application; rather, it exploits web servers running PHP as a CGI in general.

The quick fix is to add this to the .htaccess file on your website(s):

RewriteEngine on
# Only match query strings that contain no "=" (i.e. no name=value pairs)
RewriteCond %{QUERY_STRING} ^[^=]*$
# ...and that contain a dash, literal or percent-encoded (%2d), case-insensitive
RewriteCond %{QUERY_STRING} %2d|- [NC]
# Return 403 Forbidden for any request that matched both conditions
RewriteRule .? - [F,L]

Unless you have compiled PHP from source on your web server, you will need to wait for your vendor (cPanel, WHM, Red Hat, CentOS, etc.) to release the updated version. I suggest you implement the above .htaccess fix in the meantime.
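To see what the two RewriteCond lines actually do, here is an added example (not code from the original post) that re-implements the same two tests in Python and runs them over a handful of constructed Apache access-log lines. The log lines, the 203.0.113.x addresses and the query strings are all made up for the example. Running it shows which past requests the .htaccess rule would have answered with a 403, which is useful both for checking your logs and for seeing the rule's false positives: any request whose query string has no "=" but does contain a dash (such as ?x-y) is blocked too.

```python
import re

# The two RewriteCond tests from the .htaccess snippet, expressed as Python regexes.
# mod_rewrite's %{QUERY_STRING} is the raw, still-percent-encoded query string,
# which is why the rule has to look for both a literal "-" and "%2d".
NO_EQUALS = re.compile(r"^[^=]*$")
DASH_OR_ENCODED_DASH = re.compile(r"%2d|-", re.IGNORECASE)

# Apache common log format: ip ident user [timestamp] "METHOD target PROTO" status size
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)

# Constructed sample log lines for the example; this is not real traffic.
SAMPLE_LOG = """\
203.0.113.10 - - [09/May/2012:12:19:01 -0400] "GET /index.php?page=home HTTP/1.1" 200 5123
203.0.113.11 - - [09/May/2012:12:19:02 -0400] "GET /index.php?-example HTTP/1.1" 200 5123
203.0.113.12 - - [09/May/2012:12:19:03 -0400] "GET /index.php?%2dexample HTTP/1.1" 200 5123
203.0.113.13 - - [09/May/2012:12:19:04 -0400] "GET /blog/my-post?id=7 HTTP/1.1" 200 810
203.0.113.14 - - [09/May/2012:12:19:05 -0400] "GET /index.php?x-y HTTP/1.1" 200 5123
"""


def query_string(request_target):
    """Return the raw query string of a request target, or "" if there is none."""
    _, sep, qs = request_target.partition("?")
    return qs if sep else ""


def would_be_blocked(request_target):
    """True when both RewriteCond tests match, i.e. the rule would return 403.

    Only the query string is examined; dashes in the path (e.g. /blog/my-post)
    never trigger the rule, exactly as with %{QUERY_STRING} in mod_rewrite.
    """
    qs = query_string(request_target)
    return bool(NO_EQUALS.match(qs)) and bool(DASH_OR_ENCODED_DASH.search(qs))


def find_matching_requests(log_text):
    """Return (client_ip, request_target) for every log line the rule would block."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_LINE.match(line)
        if not m:
            continue  # skip lines that are not in common log format
        if would_be_blocked(m.group("target")):
            hits.append((m.group("ip"), m.group("target")))
    return hits


if __name__ == "__main__":
    for ip, target in find_matching_requests(SAMPLE_LOG):
        print(f"{ip} {target}")
```

Note the last sample line: ?x-y is blocked although it is a perfectly ordinary query string, so if your application uses "=" -less query strings containing dashes you will want to whitelist them ahead of this rule or wait for the vendor patch.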


Edit 5/9/12 12:19PM Eastern:

Most cPanel configurations are protected by default: http://www.cpanel.net/2012/05/cpanel-protects-against-php-vulnerability.html

VMware – RHEL / CentOS 6.2 – Network Issues

Howdy folks,

I just grabbed CentOS 6.2 (don’t know if it’s an issue in 6.0, 6.1), but an installation with the “Basic Server” within VMware Fusion 4.1.1 delivered no IP address etc. when leaving DHCP/NAT as the default.

Finding: It seems something is goofed in either dhclient or NetworkManager (now the default for RHEL 6.x).

Fix: I brought the network interface up with “ifup eth0”, then ran “dhclient eth0”, obtained an IP, and ran “yum update -y” (I noticed dhclient was in the updates), after which I was able to reboot and all worked well.

Not a big deal, as you could have just manually configured your network script, but maybe it will help someone. 🙂

RHEL 5.3 and Depsolve problems in Yum

During some recent server patches on Red Hat Enterprise Linux 5.3, I kept getting ‘depsolve’ errors on several packages. This was odd, as I had not made any changes to anything, installed anything new, or removed anything.

Turns out this is a known bug in 5.3, and luckily, the solution is simple:

$> yum clean all

Run that, and it clears your local repository cache. The next time you go to update packages, your server will refresh everything from the Red Hat repository, and all will be good!

How to recover MySQL’s “root” password quickly

Have you ever been in a rush or just had a complete brain freeze with your MySQL passwords?

Well…..I have.  🙂

——————————-

Step # 1 : Stop mysql service

SHELL> /etc/init.d/mysql stop

——————————-

Step # 2: Start the MySQL server w/o password:

SHELL> mysqld_safe --skip-grant-tables &

——————————-

Step # 3: Connect to mysql server using mysql client and setup the new root password:

SHELL> mysql -u root
mysql> use mysql;
mysql> update user set password=PASSWORD("$PASSWORD") where User='root';
mysql> flush privileges;
mysql> quit

——————————-

Step #4: Stop and Restart MySQL Server: (try your new $PASSWORD)

SHELL> /etc/init.d/mysql stop
SHELL> /etc/init.d/mysql start
SHELL> mysql -u root -p

——————————-

Note: There are other ways to reset the password, but I like this one.

Fedora 11 – VMware Workstation 6.5.2

Over the past few years several people on the VMware communities forums have released patches to fix the VMware modules for the next “fresh” release of the Linux kernel / distro. I’ve used them in the past with much success, but I generally like waiting for the official VMware support. However, I’m pretty excited about Fedora 11 (just too many new goodies not to play) and I noticed there’s a new updated patch for 2.6.29 and even 2.6.30 kernels!

VMware Workstation 6.5.2 module patches/discussion: 2.6.29

VMware Workstation 6.5.2 module patches/discussion: 2.6.30

Sun has official Fedora 11 support (and now 2.6.31) with VirtualBox: VirtualBox 3.0.0 (if that’s your cup of tea)

Note: Obviously Fedora is the test bed for the QEMU/KVM merger so you can go that route as well, but I love VMware. ;0)
Here is a great article to get you moving on the QEMU/KVM way of life: Click Me

HTH

Fedora 11 – Intel / ATI – KMS bugs with video drivers


Starting in Fedora 10 (where it was disabled by default), Fedora began shipping the KMS (kernel mode-setting) framework.

Fedora – KMS page: Click Me

X.Org – KMS page :  Click Me

Now if you’ve upgraded to or installed the new Fedora 11 (or even Ubuntu 9.x etc.), KMS is enabled by default, and you may have noticed there are new (or still unresolved) regressions in the kernel, so certain Intel and ATI cards may have issues.

If you’re having some crazy issues, fear not, you may have an answer here.

Intel Video Issues: Click Me

Ati/AMD Video Issues: Click Me

Note: This isn’t Fedora specific; you may have noticed you can’t even enable desktop effects in Ubuntu 9.0.4 with certain cards (without de-blacklisting them).

This is just the natural progression of trying to make things better, and part of the growing pains that going with non-enterprise distros of Linux can give its users, but in the end it will be worth it.

HTH.

Redirecting root’s Email on Red Hat

If you are a conscientious system administrator, you like to keep tabs on your server by checking root’s email at least once a day, correct?  If you manage more than one server, or get tired of having to log in to check your mail, you can redirect where email for the root user gets sent.

I ran into problems on Red Hat Enterprise 5.2 doing this, so I thought I’d post the resolution here.
