This bug (CVE-2019-11043) only applies to configurations where the following code is present in the location directive:fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
There is also a go test application to see if your server is vulnerable:
https://github.com/neex/phuip-fpizdam
In front of the fastcgi_split_path_info command, insert the following directive:try_files $uri =404;
If you upload files to an owncloud server via FTP, SCP or some other tool, the owncloud server at first does not notice on its own, that new files are present.
You can however, trigger a manual refresh via the command line...
A php script from owncloud can be triggered as www-data (webserver) user:
Go to your owncloud folder:
cd /var/www/owncloud (just an example)
Change to the www-data user:
su -s /bin/bash www-data
Execute the php script:
php console.php files:scan --all
Recently, the glibc library had a bug that could
be exploited over the network using a DNS request.
This bug can be fixed on debian by updating the libc6 library:
apt-get update
apt-get install libc6
After the update, the computer should be restarted, since a lot of
services and libraries use the libc6.
It is also possible to restart all services, but missing one service
is easily possible, so better be on the safe side.
I have installed a new kernel on my root with the grsecurity and pax patches.
After installing the new kernel, grub is not working correctly any more.
It seems that pax conflicts with some programs of grub.
Thanks to the following article (https://dustri.org/b/grsec-and-grub.html), a solution was found:
Install the paxctl tool:
apt-get install paxctl
Call the tool with the following parameters:
paxctl -Cpms /usr/sbin/grub-mkdevicemap
paxctl -Cpms /usr/sbin/grub-probe
paxctl -Cpms /usr/bin/grub-mount
To block ads on the skype application (tested with 7.12 from 28.10.15) , you can
add the following lines to your host (file: %windir%\system32\drivers\etc\hosts) as administrator!
127.0.0.1 rad.msn.com
127.0.0.1 live.rads.msn.com
127.0.0.1 ads1.msn.com
127.0.0.1 g.msn.com
127.0.0.1 a.ads2.msads.net
127.0.0.1 b.ads2.msads.net
127.0.0.1 ac3.msn.com
If you also add the following line, as stated in some tutorials:
127.0.0.1 apps.skype.com
the skype home can not be loaded any more.
In case you just want to view the original content of the windows assembly folder, or other system folders, you can do the following:
1. In console, type cd /d %windows%\assembly
2. Type: attrib -r -h -s desktop.ini
3. Type: ren desktop.ini desktop.bak
Reload the explorer window to see the actual contents...
If you want to restore the original view, just rename the desktop.bak back to ini.
This works also for other system folders, e.g. fonts folder.
In case you want two seperate views at the same time, you can do:
This article shows you how to install Scrapy - a python web crawling toolbox, under debian/ubuntu or linux mint.
use apt-get with proxy:
http_proxy=http://domain\user:pass@hostname:port apt-get install packagename
or set the environment variable upfront
export http_proxy=http://domain\user:pass@hostname:port
Use pip with proxy:
pip install --proxy="http://domain\user:pass@hostname:port" packagename
Now step by step:
Bash shell has a serious vulnerability that can be exploited by
an remote attacker in some cases.
To check if you are using bash can be done with entering the following at the shell:
echo $0
or
echo $SHELL
If it prints bash, then you are using bash.
Debian Wheezy is using dash by default since version 6.10, so it should not be vulnerable.
If your version of bash is vulnerable can be tested by entering the following in bash:
env X='() { (a)=>\' bash -c "echo echo vuln"; [[ "$(cat echo)" == "vuln" ]] && echo "still vulnerable :("
I tried fixing the heartbleed bug on my debian installation.
Most of the websites suggest, that updating to the newest Openssl release
fixes the problem.
Howevery, an "apt-get install openssl" did not fix the problem.
The test website http://filippo.io/Heartbleed/ said - still vulnerable, although
the newest openssl release was fetched by the apt command.
I found a more thoroughly explanation of a possible fix at:
http://unix.stackexchange.com/questions/123711/how-do-i-recover-from-th…
Getting the newest drush (Drupal shell) version via PEAR can give the following error:
Discovering channel pear.drush.org over http:// failed with message: channel-add: Cannot open "http://pear.drush.org/channel.xml" (Cannot download non-http URL "/channel.xml")
Using the following command sequence can solve the problem:
pear upgrade –force Console_Getopt
pear upgrade –force pear
pear upgrade-all
pear channel-discover pear.drush.org
pear channel-discover pear.drush.org
pear install drush/drush
You have to run the channel discovery twice to add the channel. The first try
Paxton ported to drupal by DropThemes.in