Millions of websites threatened by highly critical code-execution bug in Drupal

Enlarge (credit: Victorgrigas)
Millions of sites that run the Drupal content management system run the risk of being hijacked until they’re patched against a vulnerability that allows hackers to remotely execute malicious code, managers of the open source project warned Wednesday.
CVE-2019-6340, as the flaw is tracked, stems from a failure to sufficiently validate user input, managers said in an advisory. Hackers who exploited the vulnerability could, in some cases, run code of their choice on vulnerable websites. The flaw is rated highly critical.
“Some field types do not properly sanitize data from non-form sources,” the advisory stated. “This can lead to arbitrary PHP code execution in some cases.”
Read 5 remaining paragraphs | Comments


Original URL: https://arstechnica.com/?p=1462289

Original article

Almost a week of no internet at Amherst College

Amherst College experienced a catastrophic technical mishap last week that left the campus without access to online services — for five days.

As IT staff scrambled to fix the problem, faculty and students suddenly found themselves without access to Wi-Fi, email, Moodle, accounting systems, card-scanning systems or any content hosted on the Amherst.edu website.

That a scenario totally inconceivable on most modern campuses occurred at the wealthy private, liberal arts college in Amherst, Mass., was doubly surprising.

“How could this happen?” became a common refrain on campus. How could an elite college with a $2.2 billion endowment and that charges more than $50,000 in tuition a year fail to provide basic services, such as internet access?

With Wi-Fi services down, some students used their cellphone data to tweet their disbelief.

It’s been 4 days. WiFi is still down. Professor can’t teach us anything, and I don’t even have any ways to procrastinate my work. Hell is real


Original URL: https://www.insidehighered.com/news/2019/02/21/almost-week-no-internet-amherst-college

Original article

Proudly powered by WordPress | Theme: Baskerville 2 by Anders Noren.

Up ↑

%d bloggers like this: