MFA for KLIPS 2.0
Learn moreLatest News
Web server admins: Critical flaw "nginx rift"
In all versions of the nginx web server software, there is a critical vulnerability (CVSS score 9.2 or 8.1) which became known publicly on May 13. Nicknamed nginx rift, the flaw allows for remote code execution by attackers if certain common preconditions are met, among those using rewrite rules with regular expressions. All operators of nginx web servers are urged to check their web server configurations for rewrite rules at the earliest. If rewrite rules that could allow attacks are found, update these rules according to the mitigation recommendations given in the security advisory. This concerns only self-hosted nginx web servers, not web projects hosted on web servers managed by ITCC’s webmaster team.
Security flaws in Linux (updated May 13). Call to action for server operators
At the end of April, and again at the beginning of May, and yet again on May 13 major security flaws in the Linux kernel became publicly known. Nicknamed CopyFail and DirtyFrag, plus a variation named Fragnesia, these vulnerabilities affect all major Linux distributions in use. Server operators should therefore check if updates for their systems are available and apply them at the earliest. In cases where no updates are available yet or updates cannot be applied, workarounds are available to mitigate the risk.
Fault reports Administrative services
Es liegen derzeit keine Störungen vor.
Netzzugang
Beratung
Forschungsprojekte
Telefonie
