Updating servers cuz of glibc vulnerability

Ghost is a vulnerability in glibc that attackers can use against only a handful of applications right now to remotely run executable code and gain control of a Linux server. The vulnerability is a heap-based buffer overflow and affects all Linux systems, according to experts, and has been present in the glibc code since 2000. – See more at: https://threatpost.com/php-applications-wordpress-subject-to-ghost-glibc-vulnerability/110755#sthash.PJ3vrnvp.dpuf

Check if your vulnerable http://www.cyberciti.biz/faq/cve-2015-0235-ghost-glibc-buffer-overflow-linux-test-program/

Download bash script to check for vulnerability GHOST-test.sh

SSL Broken Again – Google’s POODLE Affects Oodles

Another challenge for internet security

97% of SSL web servers are likely to be vulnerable to POODLE, a vulnerability that can be exploited in version 3 of the SSL protocol. POODLE, in common with BEAST, allows a man-in-the-middle attacker to extract secrets from SSL sessions by forcing the victim’s browser into making many thousands of similar requests. As a result of the fallback behaviour in all major browsers, connections to web servers that support both SSL 3 and more modern versions of the protocol are also at risk.

http://news.netcraft.com/archives/2014/10/15/googles-poodle-affects-oodles.html