phpMyAdmin security fix v4.8.5 will patch an SQL injection and an arbitrary file read vulnerability. Security is a daily, ongoing endeavor and discipline in today’s online world. In a security blog post, the developers of phpMyAdmin announced version 4.8.5 of their software to address a few security-related issues.
The security fixes involve:
Arbitrary file read vulnerability (https://www.phpmyadmin.net/security/PMASA-2019-1)
SQL injection in the Designer interface (https://www.
PhpMyAdmin MySQL Table Export SQL Format Not Available
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. It’s a very popular tool included with many server control panels such as Plesk and cPanel. Recently an incident was sent my way where a large customer was reporting that exporting single MySQL tables within phpMyAdmin was no longer providing the expected SQL format by default.
Issue
Had this pop up today; it’s been several years since the ugly Apache semaphore scenario reared its messy head. You’ll have an Apache HTTP web service down, and upon a typical quick look and attempt to restart, Apache fails to kick off. No biggie: whether digging through logs, systemctl status or journalctl stuffs, you’ll eventually come across something similar to:
[Sun Dec 23 15:22:11.
Internal scenario recently. Some Ubuntu Server guest VMs running on top of a VMware ESXi server. Everything running fine, no issues, then the Ubuntu guest VMs will just randomly become utterly unresponsive.
Nothing happening before; the only thing in the Ubuntu guest logs is just a crap ton of caret gibberish:
"^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@"
Luckily I came across this post related to Mastodon that described the exact same event:
WordPress 5.0.1 Security Release
WordPress 5.0.1 is now available. This is a security release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately.
Plugin authors are encouraged to read the 5.0.1 developer notes for information on backwards-compatibility.
WordPress versions 5.0 and earlier are affected by the following bugs, which are fixed in version 5.0.1. Updated versions of WordPress 4.
Fairly interesting Plesk Onyx, ProFTPD, DBUS and Logind scenario recently.
Had a server sporadically terminating FTP sessions that were working fine previously. After verifying overall connectivity and firewalling were not the issue, it was time to start digging through logs. While I could see the incomplete and terminated FTP sessions, there was nothing incredibly insightful as to why. Seeing the FTP daemon had been up & running without issues for almost two years, I decided to just restart the ProFTPD service – sometimes stuff just needs to be kicked and if stuff was working before, that’s an easy step to eliminate before introducing ‘changes’.
WordPress Brute Force Attacks
WordPress’ popularity not only attracts bloggers but also hackers. Hackers try to compromise
WordPress installations to send spam, set up phishing exploits or launch other attacks.
While there are many sophisticated attacks against WordPress, hackers often use a simple brute force
password attack. In these attacks, botnets try to guess your admin password.
You may think that such attacks would fail, but they exploit one of the weakest links in the security
You need to change an IP address of an interface on a Linux server without losing connectivity, so here’s one way:
First add a secondary IP address to the interface:
ip addr add 192.168.1.10/24 dev eth0
ip addr show eth0
And confirm:
eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
    link/ether 44:38:39:00:11:aa brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.5/24 scope global eth0
    inet 192.
This is always an interesting one; it comes up from time to time, especially if you run a server with heavy database traffic.
Possibly you’ve modified your my.cnf with various tweaked settings for ‘max_connections’ or ‘open_files_limit’, but in your ‘mysqld.log’ you start getting:
[Warning] Buffered warning: Changed limits: max_open_files: 1024 (requested 5000)