Select Page

ssl vulnerability


How to prevent ‘Certificate for FILE “(CN: domain.com)” has expired!’ errors in your server

Earlier, only businesses that dealt with confidential information such as credit card or online transactions, were bothered about their website security.

But with most advanced browsers now making HTTPS mandatory, and even Google considering it as a parameter for website ranking, every website is now getting an SSL certificate. (more…)

How to disable apache SSLv3 protocol for your web server security

How to disable apache SSLv3 protocol for your web server security

With most businesses moving online, internet security has become a crucial aspect. Vulnerabilities are being exposed so constantly in the web world that any day you can wake up to a new exploit or a hack.

To be on the safer side and to protect the data and transactions from attackers, all server owners have secure protocols such as SSL or TLS installed in their servers.
(more…)

How to fix high severity OpenSSL bugs (Memory corruption, Padding oracle) in Ubuntu, CentOS, RedHat, OpenSuse and other Linux servers

How to fix high severity OpenSSL bugs (Memory corruption, Padding oracle) in Ubuntu, CentOS, RedHat, OpenSuse and other Linux servers

Early today (3rd May 2016), OpenSSL released patches for two high severity bugs, and 4 low severity ones. The first bug, CVE-2016-2108 is a Memory corruption vulnerability, which could allow an attacker to crash a service or even execute malicious code.

The second bug, CVE-2016-2107 is a Padding oracle vulnerability, which could be used for Man-In-The-Middle (MITM) attacks to steal encrypted login passwords. (more…)