Linux Vmsplice Local Root Exploit (2.6.17 - 2.6.24.1)
Feb 10, 2008
Get ready for another round of patching and reboots. See:
[url]
Linux vmsplice Local Root Exploit
By qaaz
Linux 2.6.17 - 2.6.24.1
Debian also has a report but I'm trying to avoid linking to the source of the exploit. It works on 2.6.24, but only once. Then the box kernel panics (did for me). 2.6.24.1 is out as of a couple of days ago, but I'm not sure if it's still vulnerable. Seems like it is.
luki@tester:/tmp$ gcc t.c -o t
luki@tester:/tmp$ ./t
-----------------------------------
Linux vmsplice Local Root Exploit
By qaaz
-----------------------------------
[+] mmap: 0x0 .. 0x1000
[+] page: 0x0
[+] page: 0x20
[+] mmap: 0x4000 .. 0x5000
[+] page: 0x4000
[+] page: 0x4020
[+] mmap: 0x1000 .. 0x2000
[+] page: 0x1000
[+] mmap: 0xb7e6f000 .. 0xb7ea1000
[+] root
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.
root@tester:/tmp# id
uid=0(root) gid=0(root) groups=0(root)
root@tester:/tmp#
Oct 30, 2009
I'm planning a website at the moment but I'm wondering about a slight issue, regarding the local root folder of a website.
Currently, I'm using Dreamweaver to create a website and I have had no problems uploading my files to a site through Dreamweaver before. But I will not have access to my computer for about one month every year. However, I have a laptop available during that month. But since my local root folder is located on my stationary computer it seems impossible for me to, in any way, use that laptop to manage my site (upload new files to the server).
Apr 29, 2007
Code:
$ md5sum sim-current.tar.gz
6c1cece6f3af87598c4bdb09cabcb3cc sim-current.tar.gz
Line 25, file: sim-2.5-3/setup
Code:
TMPS="/tmp/sim_cj"
Line 399, file sim-2.5-3/install/sim
Code:
cat $TMPS >> /etc/crontab
If a local user creates a symlink to that file, then writes to the sim_cj file being linked to, as SIM is being installed, they can influence the contents of /etc/crontab.
Contacted the vendor via email on 04/17/07, email bounced.
Opened a ticket via their helpdesk ~5 days ago, no response.
Again, this is only an issue during the install, which is an extremely small window of time. Any bug that could lead to root access should be fixed, however.
Jun 16, 2013
My server works fine like expected, but isn't uploaded to ftp. It was in 11.0.9, same after upgrading to 11.5.29.
The ftp repository in plesk shows a manually done older backup, so ftp connection seems to be ok.
In the FTP repository settings I get an error if I try to save anything. FTP server, user and password are correct; manual FTP connection is working fine.
The error is:
Code:
Fehler: FTP-Verbindung fehlgeschlagen. Bitte überprüfen Sie Ihre FTP-Einstellungen.
drwx---r-x 2 b088598 cust 4096 Jun 17 06:01 .
drwxr-xr-x 3 b088598 cust 4096 Jun 17 06:01 ..
drwx---r-x 2 b088598 cust 4096 Jun 17 06:01 .
drwxr-xr-x 3 b088598 cust 4096 Jun 17 06:01 ..
Repository error: created file not present in directory listing
Nov 12, 2014
We set up a Plesk 12 server for web hosting purposes only.
All mail-related services, except for "smtp server" and "Plesk milter", are disabled or uninstalled.
For specific domains, we want to prevent the usage of the PHP mail function with "localhost" to avoid problems with outgoing spam by unsecured scripts. Instead, we want to force webmasters to use external SMTP servers.
Is there any directive or setting on domain-level that we allow for this limitation?
Aug 14, 2014
I've generated migration files on a source server that runs Plesk 11.5. I've transferred these files to my new server (Plesk 12). I've logged into Plesk on the new server, gone to the migration tool and created a new migration using local files. With Chrome dev tools I can see the following: a POST request is sent to
/plesk/ server/migration/start/ and the response is a redirection (HTTP status 303, location = /admin/backup/restore/type/import/id/migration).
After several attempts to this URL I've got: admin/backup/restore/type/import/id/migration net::ERR_TOO_MANY_REDIRECTS. Is there a way to restore the data using the command line?
Apr 23, 2014
On a virtual machine I'm using the latest version of Plesk 11.5.3 update #42 and Ubuntu 12.04.4 LTS, provided by a main Italian ISP; the MySQL version is 5.5.35-0ubuntu0.12.04.2. I'm trying to enable the local-infile option in the /etc/mysql/my.cnf file:
[client]
local-infile = 1
[mysqld]
local-infile = 1
When I restart the mysql service (with the command "service mysql restart") the PHP script works correctly and "SHOW GLOBAL VARIABLES" shows "ON", but when the server reboots, or some hours after the restart, the PHP script stops working correctly again and the standard message appears: "The used command is not allowed with this MySQL version". Maybe the problem is the start of mysql on boot? I don't have any errors in the mysql or system log!!
Jul 23, 2014
There is a strange problem with the new feature fail2ban. I have noticed that a local ip address (ip address from the webserver itself) was added to the blocked ip addresses of fail2ban now for the second time. What I can see is that it was the recidive jail.
If there is nginx used as reverse proxy you get a "502 Bad Gateway". Any way to find out more about the reason why an ip address is added to the list of blocked ip addresses in fail2ban?
May 30, 2015
keep a local and remote backup of certain subscriptions or at least have a full server backup on FTP.
I have a livedrive.com reseller account which allows me to quite cheaply add 512GB of remote storage accessible through SFTP, FTP and WebDAV. I created this partition and added it as a server-level FTP repository in Plesk 12 (latest build). During testing I added a firewall exception for traffic on the FTP IP-address and figured that I had to put the FTP repository in passive mode to properly connect.
After setting this up I ran a configuration only backup to test if everything was working properly. The backup was created properly and can be accessed through the FTP as well: success!
My second test was running a full server backup through the manager. The ±40GB file was created properly (I could see my disk usage increase and decrease through new relic monitoring) and supposedly transferred to the FTP repository according to Plesk.
When I look at the FTP or the Plesk Backup Manager both indicate that the full server backup is 0kb in size.
After this issue I figured: I really don't care about a full server backup, I mostly care about a specific set of subscriptions that have new content on a daily basis and need to be backed up properly as well. Those subscriptions are already on a daily or weekly backup scheme that places backups on the local repository.
What I would eventually like to do is create daily or weekly backups on the local repository and create weekly or monthly backups on the FTP repository for those specific subscriptions, but unfortunately you cannot (by default) set up Plesk to automatically back up to local and remote based on different or even the same intervals.
And this is the more important question: How to be able to create/setup a backup automation that keeps local and remote backups for the same or different intervals? Either through the Plesk interface, a plugin or a script?
Running Plesk 12 on CentOS 6.6
Update:
Just tried running the same server wide backup, but this time as a multivolume backup. This resulted in the following error:
ERROR: () Can't upload file 'backup_info_1505301327.xml' to ftp. Error code: 1
Apr 4, 2015
How much local disk space is necessary for a full backup of 240 GB data to a remote ftp?
I have 314 GB free on my local disk, but this is still not enough.
The backup process is 100% after round about 4 hours, according to Backup Manager.
But there are still tar processes until the disk is full.
Sep 5, 2007
Basic question: does it matter where I set the document root for apache on a Linux system? I've googled this but haven't found a good answer.
This is for a VPS server running the Ubuntu (Debian) server os that I'm configuring. I'd prefer to simply create a new directory off the root and set that as the document root in the apache config file. Would this present any kind of security issue?
If that's no good, what's the best choice -- stick to the default?
May 31, 2015
For some days now there has been a folder without a name in the root of my server. I think it is fail2ban that creates this folder? Only I have access to the server.
Jul 27, 2014
If I try to download a plesk backup to my local machine it saves a file a few bytes in size in .xml.tar.html format
My other non plesk 12 machines correctly save the file in .tar format ....
Feb 9, 2015
Is it possible to change the root password on Plesk?
I have a man who works for me on my server and installed a double PHP version on my server, and maybe it's best to change the root password!
So no one has access to my root any more.
Aug 30, 2014
I am trying to change the color of directories. I can do that for root by editing .bashrc under /root. How can I do that for other users created under Parallels? Their home directories are /var/www/vhosts/domain.com. Using the root account, I created .bashrc under those directories and chowned it to the user. But the colors are not changing. I also added the color in the /etc/bashrc system-wide file and it does not work either.
May 14, 2015
I tried to setup a cronjob to run a php script. Something simple like this:
php /var/www/vhosts/onlinehome-server.info/mydomain.co.uk/script.php
didn't work. So I used the terminal as root and I noticed that php is not running the script, not even as root.
Not even commands like php -v work. I don't get any error back.
Plesk version 12.0
Sep 20, 2014
My root partition has been growing slowly but steadily over the last weeks, which makes me uncomfortable being now at 60%.
We are running V 12.0.18
Looking into possible causes, I found all these packages in /root/parallels/:
4 drwxr-xr-x 2 root root 4096 Sep 20 04:03 APACHE_2.2.27
4 drwxr-xr-x 2 root root 4096 Sep 20 04:03 BILLING_12.0.18
4 drwxr-xr-x 2 root root 4096 Sep 20 04:03 MYSQL_5.5.37
4 drwxr-xr-x 2 root root 4096 Sep 20 04:03 NGINX_1.6.0
[Code] ....
May 18, 2014
I have installed phpMyAdmin because I don't like the limitations of the db management of Plesk, but I can't find the root password to access it. I read that Plesk renames the "root" user to "admin", but I can't find the password. Where is it?
Sep 5, 2014
I think it is possible, but just to be sure...
Default document root is:
var/www/vhosts/www.mysite.com/httpdocs/
Can I change it to:
var/www/vhosts/www.mysite.com/web/
A simple "yes" or "no" will do...
Nov 4, 2009
Quote:
A software developer has uncovered a bug in most versions of Linux that could allow untrusted users to gain complete control over the open-source operating system.
The null pointer dereference flaw was only fixed in the upcoming 2.6.32 release candidate of the Linux kernel, making virtually all production versions in use at the moment vulnerable. While attacks can be prevented by implementing a common feature known as mmap_min_addr, the RHEL distribution, short for Red Hat Enterprise Linux, doesn't properly implement that protection, Brad Spengler, who discovered the bug in mid October, told The Register.
Read the complete article at The Register. New kernels are available for Redhat and CentOS (obviously), and likely others who may be affected.
Mar 12, 2015
Any way to back up all SQL databases at once?
At the moment I need to configure each subscription on my backup program to back up each SQL database.
Is there any way to set a login that backs up all the databases?
And for the ftp files?
Jun 27, 2014
Looking at a server with Plesk 12 installed there is no root user shown in tools & settings / scheduled tasks.
Login as root and crontab -l shows root has some tasks.
On a similar server with Plesk 11.5 installed can see root user shown in tools & settings / scheduled tasks.
Feb 8, 2015
Is it possible to disable the root login to the panel? I do not mean the SSH login.
Nov 12, 2014
There is a bug in the current Plesk version 12, which has been encountered on many of our Plesk 12 servers until now. I have Plesk 12.0.18 Update #23 with CentOS 6.
When a customer changes, for example, the document root of a domain, nginx does not recognize it and the administrator of the server has to restart nginx manually.
This issue is serious because CSS, JS and images are not working on such a page where a customer changed the document root. Nginx is throwing 404 error until nginx is restarted manually.
Other customers do have the same issue: [URL] .....
Apr 3, 2015
During the installation of Plesk, at first it used the root password, and then had me create an "admin" user.
When I log in using either I don't see any difference in the UI or options. Is there a difference or a reason to use one over the other?
Or is it just to give someone access to admin Plesk without giving them full root password of the server itself?
Nov 25, 2008
I have read that although chained root ssl certificates can be more difficult to install they are actually more secure since the root certificate cannot be compromised, only the intermediary.
Is this true? It looks like both google and amazon both use chained SGC certs.
Mar 18, 2015
Wordpress is becoming more and more integrated with Plesk which makes it quite easy to setup a new domain for someone and install Wordpress so he can start.
Often this Wordpress site has to be developed and a better looking site is already available.
By default Wordpress installs in a subfolder /wordpress (I know you can change it by choosing "custom install"). After a while that website is ready for publishing.
To move that website I will have to move the running site to a subfolder and then move the content of /wordpress to the root. This is not sufficient. I then have to do a search and replace on the /wordpress and wordpress/ and replace it with /
No problem there....
But then I have lost Wordpress from the Plesk interface.....
What's the most elegant way to move a Plesk managed Wordpress site?
I don't mind if it stays in its folder (maybe preferable?), as long as the user doesn't see that "/wordpress" in its URL.
Apr 23, 2015
I want to add a subdomain foo.bar.com to a master domain bar.com in the subscription bar.com. Normally this works but if I set the hosting type of the master domain to forward, I cannot add subdomains anymore. If I have already added a subdomain, I cannot change the hosting type of the master domain. Also it is not possible to add a second domain to the subscription anymore.
Jul 11, 2014
I need to place a file in the root of my server. How should I do it?
I tried:
SSH connection
wget ......
but the file is not in the right place
Where should I place it?