DNF (Dandified Yum) Command Examples: Install, Remove, Upgrade, and Downgrade

DNF (Dandified Yum) 101: Basic Package Manager Interaction
I. What is DNF (Dandified Yum)?
II. DNF Examples: Install, Remove, Upgrade, and Downgrade

Install a Package

Syntax:

dnf install <package>

Install a Single Package – Example:

dnf install mysql-server

Where mysql-server is the package name.

Install Multiple Packages – Example:

dnf install mysql-server mysql

Where mysql-server and mysql are the package names.

Continue reading “DNF (Dandified Yum) Command Examples: Install, Remove, Upgrade, and Downgrade”

Information on CVE-2015-3456 QEMU Vulnerability (VENOM)

Overview

VENOM, or Virtualized Environment Neglected Operations Manipulation, was made public on May 13, 2015. The vulnerability is in QEMU, a generic and open source machine emulator and virtualizer that is utilized by Xen, KVM, and other modern hypervisors / virtualization platforms.

Impact

Specifically a flaw with how QEMU handles out-of-bounds memory access, exploitation can cause the entire hypervisor to crash and may allow an attacker to access other virtual machines outside of their own.

Summary
  • Made public on May 13, 2015
  • This flaw exploits QEMU, a generic and open source machine emulator.
  • Allows for an attacker to access other virtual machines outside of their own.
Resolution

A patch is available, and Liquid Web’s Heroic Support has proactively scheduled a reboot to patch all affected servers.

Continue reading “Information on CVE-2015-3456 QEMU Vulnerability (VENOM)”

How to Update a WordPress Plugin

Step 1: Login to WordPress as Administrator

Hopefully, you’re already well-versed in logging into your WordPress site as an administrator!

Step 2: Access Updates

If there is an update for a plugin or a theme, then you’ll likely have a number in the top bar and next to Updates as shown below (the number 5). Click on Updates!

How To Update a WordPress Plugin - 01

Step 3: Select All the Plugins

Check the box for Select All:

How To Update a WordPress Plugin - 02

Step 4: Update the Plugins

Click on Update Plugins:

How To Update a WordPress Plugin

And at the end of the update process you should receive something similar to, All updates have been completed.

How To Update a WordPress Plugin

Try a Free Cloud Server.

Trying a new server is a breeze, and it’ll be up and running in only a few minutes...

Information on CVE-2015-0235 (GHOST) Vulnerability for Red Hat and CentOS

A vulnerability found in the glibc library, specifically a flaw affecting the gethostbyname() and gethostbyname2() function calls, that allows a remote attacker to potentially execute arbitrary code. CentOS 5, CentOS 6, and CentOS 7 are potentially affected, thus we want to highlight the following information.

Liquid Web package repositories have been updated. Many servers (barring those with updates disabled) have received an update that patches this vulnerability, however, a reboot will still be required in those cases.

Continue reading “Information on CVE-2015-0235 (GHOST) Vulnerability for Red Hat and CentOS”

Information on CVE-2014-9322 Vulnerability for Red Hat and CentOS

A vulnerability found in the Linux kernel, specifically a flaw in fault handling associated with the Stack Segment (SS), allows an unprivileged user to potentially gain privileges. CentOS 4, CentOS 5, CentOS 6, and CentOS 7 are potentially affected, thus we want to highlight the following information.
Continue reading “Information on CVE-2014-9322 Vulnerability for Red Hat and CentOS”

Information on CVE-2014-6271 and CVE-2014-7169 Bash Vulnerabilities (Shell Shock)

On September 24th, a vulnerability was reported in the GNU Bourne-Again-Shell (BASh, or Bash), specifically a flaw with how Bash processes values of environment variables, that allows remote code execution of varying types in many common configurations. The overall risk is severe due to bash being configured for use, by default, on most Linux servers.

While Liquid Web immediately began working to proactively patch this vulnerability, some servers may remain vulnerable depending on their update settings or other unforeseen intervening factors. Thus, we’ve provided the instruction below.

To Summarize:

  • This flaw exploits Bash, a Unix command-line shell run by default on most Linux servers.
  • Allows for remote code execution, and many types of command-line based attacks.
  • A patch is available, and your server can be easily updated.
  • We have tutorials on How to Update Bash on Red Hat and CentOS and How to Update Bash on Debian and Ubuntu.
  • Test the vulnerability of your server with the information below.

Continue reading “Information on CVE-2014-6271 and CVE-2014-7169 Bash Vulnerabilities (Shell Shock)”