login
Forgot?
Login with Facebook

Don't have an account? Register one now!

Joomla Security Fix to make McAfee compliant my Virtuemart

Bids 
9
Avg Bid
$81 USD
CLOSED

  • Project ID:

    558107

  • Project Type:

    Fixed

  • Budget:

    $30-$250 USD

Project Description:

I just signed up with McAfee for security certificate on my website. Unfortunately, they detected some vulnerabliities that need to be addressed. I need someone with experience to make the recommended fixes. The site is joomla with virtuemart ecommerce. The McAfee dashboard lists the issues and the recommended fixes and provides support as well. I need immediate assistance.

Skills required:

AJAX, ASP, Javascript, Joomla, SQL
See more: virtuemart mcafee, website virtuemart joomla, ecommerce asp, fixes virtuemart, joomla dashboard, site security, website security issues, ecommerce website virtuemart, compliant, someone fix website, signed javascript, asp virtuemart, javascript website signed, javascript dashboard, dashboard javascript, joomla website security, joomla security issues, dashboard virtuemart, ecommerce joomla website, site joomla ecommerce, virtuemart website, virtuemart ecommerce joomla , virtuemart ecommerce, virtuemart dashboard, virtuemart certificate

Project posted by:

songbird68 United States
(5 Reviews)
Last seen:
Post a Project like this Report Project

Public Clarification Board

1 messages

  • songbird68

    Name Veritas Netbackup Agent Arbitrary Code Execution

    Description
    The remote host appears to be running the Veritas NetBackup Java Console service.

    This service is used by the NetBackup Java Console GUI to manage the backup server. A user, authorized to connect to this service, can use it as a remote shell with system privileges by sending 'command_EXEC_LIST' messages.


    General Solution
    Restrict access to the NetBackup service.



    Name Ssl Version 2 (v2) Protocol Detection

    Description
    The remote service accepts connections encrypted using SSL 2.0, which reportedly suffers from several cryptographic flaws and has been deprecated for several years. An attacker may be able to exploit these issues to conduct man-in-the-middle attacks or decrypt communications between the affected service and clients.


    General Solution
    Consult the application's documentation to disable SSL 2.0 and use SSL 3.0 or TLS 1.0 instead.

    Name Ssl Weak Cipher Suites Supported

    Description
    The remote host supports the use of SSL ciphers that offer either weak encryption or no encryption at all.


    General Solution
    Reconfigure the affected application if possible to avoid use of weak ciphers.



    Name Openssh X11 Forwarding Session Hijacking

    Description
    According to its banner, the version of SSH installed on the remote host is older than 5.0. Such versions may allow a local user to hijack X11 sessions because it improperly binds TCP ports on the local IPv6 interface if the corresponding ports on the IPv4 interface are in use.


    General Solution
    Upgrade to OpenSSH version 5.0 or later.




    Name SSH Protocol Versions Supported


    Description
    We were able to determine which versions of the SSH protocol the remote SSH daemon supports.

    This gives potential attackers additional information about the system they are attacking.


    General Solution
    You are advised to check the versions of SSH that are currently being supported by the SSH daemon on your server for the following:
    - the version is not outdated. Cipher versions are outdated for a reason ... cryptographic flaws

    - non-compliance with your organizational security policies. Also review your security policies to see if it explicitly states that some versions are not to be used

    - it is advisable to look up industry standard best practices and use what the industry uses as a whole. This helps to get support if any problems arise in the future.

    Modifying the configuration file (sshd.conf; depends which SSH daemon is used) for the SSH daemon to include those protocols that are secure/supported is always a good idea.

    over 2 years ago


If you are the project creator or one of the bidders, please Log In for more options.


Awarded Bids

Freelancers   Bid (USD) Time of Bid Freelancer Reputation
crajeshbe India
b.gif
crajeshbe
India From India     Offline
  Foundation Freelancer.co.uk Member
  General Freelancer Orientation (90%, 98th percentile)
  Foundation LimeExchange Member
  Foundation EUFreelance.com Member
 Accepted
$200 in 4 days 
0
over 2 years ago
5.0
4.7
25 Reviews
57% Completion Rate
Hi Good day, Expert in PCI,McAfee compliant. Web hacker Bid. Ready to start the work. Regards C.Rajesh B.E

All Bids ()

Freelancers Msg Bid (USD) Time of Bid Reputation
itcslive India
itcs_logo.gif
itcslive
India From India     Gold Member     Offline
  General Freelancer Orientation (90%, 98th percentile)
$50 in 1 day 
0
over 2 years ago
4.9
7.0
110 Reviews
75% Completion Rate
Hi sir, we are a web design, web development expert company. We are offering an efficient, professional, friendly service. Can you check PMB for our skills and discuss with us about your project? Thanks iTcslive. :)

barca2045 Spain
barca2045
Spain From Spain     Gold Member     Offline
  HTML Level 1 (95%, 100th percentile)
  JavaScript Level 1 (85%, 84th percentile)
  PHP Level 1 (80%, 92nd percentile)
  General Freelancer Orientation (95%, 100th percentile)
$40 in 0 days 
0
over 2 years ago
4.9
5.7
71 Reviews
88% Completion Rate
Show me the website and the detected vulnerability list, please.

nkhuynh United States
apple-logo1.jpg
nkhuynh
United States From United States     Offline
  General Freelancer Orientation (90%, 98th percentile)
$35 in 1 day 
0
over 2 years ago
5.0
5.0
36 Reviews
80% Completion Rate
Sup man! Please check your PMB, expert to fix vulnerabillity here. Thanks ;-)

musashi42 United States
musashi42
United States From United States     Online
$100 in 2 days 
0
over 2 years ago
4.8
3.4
4 Reviews
64% Completion Rate
Hi, I am ready. Please check my profile for references and Your PM(INBOX) for more details. Thank You.

eclecticeasel United States
webdesignconcepts.gif
eclecticeasel
United States From United States     Offline
$100 in 2 days 
0
over 2 years ago
4.8
2.9
8 Reviews
29% Completion Rate
Hello, Chances are great that your PCI non-compliance issues are with your server and not your Joomla install. I reviewed your project outline and I can begin immediately. I am a BrainBench certified Master of... more
Hello, Chances are great that your PCI non-compliance issues are with your server and not your Joomla install. I reviewed your project outline and I can begin immediately. I am a BrainBench certified Master of Web Design with very strong SEO, W3C and security skills plus lots of Joomla experience. Please see www.cubbysartstudio.com, www.explorersguidellc.com(upgrade from 1.0), www.pentecostfl.org or www.longislandbiz2biz.com(upgrade from 1.0 with four thousand members) for latest Joomla project examples. I am normally available Monday through Saturday 10am to 6pm EST (-5GMT) via Skype, Yahoo, MSN, AIM, Google and telephone. After hours I maintain an emergency support toll free hotline that is answered 24 hours a day 7 days a week by an expert who can solve any problem you may encounter. I use a server monitor that emails me and the client the instant a client's site goes down or comes up on error. I guarantee all my work to your 100% satisfaction. My full portfolio and complete details of my skillset can be viewed at www.eclecticeasel.com. Unlike many of the freelance "PRO"s on GAF I can and actually do perform all the work contracted for myself instead of farming it out for less money than you paid ensuring you don't get your money's worth from the developer who performs the work. As a value added for my clients I offer deeply discounted professional hosting - $69 per year for 1000gigs of storage space and 1000gigs of bandwidth on a LAMP box, with no setup fee. The hosting I offer provides the additional value added of personal technical support 24/7 that is only a toll free call away. Visit www.claywebhosting.com to sign up and get instant activation. I look forward to earning your repeat business. Warm regards, Terrance W. Arthur less

antony123 India
antony123
India From India     Offline
  Foundation EUFreelance.com Member
$35 in 1 day 
0
over 2 years ago
5.0
2.2
6 Reviews
36% Completion Rate
I can do it

webguru786 India
webguru786
India From India     Offline
$111 in 0 days 
0
over 2 years ago
5.0
2.1
1 Review
100% Completion Rate
Hi, We are ready to work on your project. We can do it in given time frame with quality, speed and professionalism. You just award this project to us and you will find yourself in safe hands. After this job we will su... more
Hi, We are ready to work on your project. We can do it in given time frame with quality, speed and professionalism. You just award this project to us and you will find yourself in safe hands. After this job we will surely have long term relation among us for doing more and more work together.We are an experienced Joomla web developer and designer. We have done many site based on Joomla and We are familiar with Joomla code. We have produced lot of ecommerce solutions, B2B portal, CMS and other web solutions. Please send me a message so that I can send you my previous work URLs. ( Please see PM..) less

developer84 Cuba
developer84
Cuba From Cuba     Offline
  Foundation EUFreelance.com Member
$60 in 1 day 
0
over 2 years ago
5.0
2.0
3 Reviews
50% Completion Rate
hi check pm please. thanks

Freelancer.com (formerly GetAFreelancer) is the world's largest outsourcing and crowdsourcing marketplace for small business. We have hundreds of thousands of satisfied customers from all over the world. We connect over employers and freelancers globally from over 234 countries & regions. Through our website, employers can hire freelancers to do work in areas such as software, writing, data entry and design right through to engineering and the sciences, sales and marketing, and accounting & legal services. The average job is under US$200, making outsourcing for the first time extremely cost effective for small businesses.

Would you like to find freelance jobs and make money online? Just sign up to get started! We have created a safe environment for both freelancers and employers via our secure milestone payment system. We have thousands of freelance coders, writers, programmers, designers, marketers and more. Getting the best web design, professional programming, custom writing or affordable marketing has never been easier! Try outsourcing for free today! Don't forget to bookmark our homepage for your next project or job.

© Copyright 2011 Freelancer Technology Pty Limited (ACN 142 189 759)
Freelancer ® is a registered Trademark of Freelancer Technology Pty Limited (ACN 142 189 759)