Categories

Apache PCI compliance fixes (5)

Fixes for Apache PCI compliance

Dovecot PCI compliance fixes (2)

Fixes for Dovecot PCI compliance

Exim PCI compliance fixes (1)

Fixes for Exim PCI compliance

Java PCI (2)

How to fix Java security issues

Articles

 CVE-2007-4072 CMS places full pathname of server in HTML comment fix

Description: Some CMS provide the full installation path within HTML comments in certain...

 CVE-2007-6197 Version numbers and internal hostnames leaked in HTML comments fix

Description: The Plumtree portal in BEA AquaLogic Interaction 5.0.2 through 5.0.4 and...

 CVE-2009-2431 blog software leaks real username in HTML comment fix

Some applications place the username of a post's author in an HTML comment, which allows...

 CWE-540 Inclusion of Sensitive Information in Source Code fix

Weakness ID: 540. Abstraction: Base. Structure: Simple. Status: Incomplete...

 CWE-546 Suspicious Comment

Description: The code contains comments that suggest the presence of bugs,...

 CWE-615 Inclusion of Sensitive Information in Source Code Comments

Description: While adding general comments is very useful, some...

 Configure stunnel to receive traffic and encrypt it with an SSL

In this article we will discuss how to configure stunnel to receive the traffic and encrypt it...

 PCI package backporting

After running a PCI compliance scan, you will receive a list of issues to be fixed. It is very...

 Testing SSL ports using nmap and check for weak ciphers

It is often the case that we can use ssllabs to provide a list of weak ciphers used in...

 What is PCI DSS?

A Data Security Standard for the Payment Card Industry. Unlike many things in life, the Payment...

 What is Requirement 6.6?

Since its formation, PCI DSS has gone through several iterations in order to keep up with...

 What is a CVE and much more

The acronym “CVE” in the IT industry is synonymous with security holes and has instant name...