Security Vulnerabilities Found In HyperVM And LXadmin/Kloxo

Jun 6, 2009

Just got this email

Quote:

Dear Customers,

Multiple security vulnerabilities were discovered in hyperVM and Lxadmin/Kloxo. It is recommended that you update your hyperVM/Kloxo systems to the latest version, as soon as possible.

Details of the vulnerabilities will be posted in the coming days in our forum.

On hyperVM or Kloxo master, Run:

/script/upcp

Lxlabs Support Team

View 14 Replies


ADVERTISEMENT

Kloxo Vs LxAdmin ? (The New Face Of Lxadmin)

May 11, 2009

I rebuilt my VPS (again) today and noticed something different. Instead of the usual "Install LxAdmin" icon in HyperVM I read "Install Kloxo."

I looked at the demo and everything looked the same. Has anyone noticed any definite differences between the two? Has anything significant changed apart from the name?

View 3 Replies View Related

APF Or CSF On Kloxo - Lxadmin

May 15, 2009

which of them is better on kloxo - lxadmin VPS?

APF or CSF OR OTHER?

View 6 Replies View Related

How To Add An Ip Address To Kloxo/lxadmin

Jun 25, 2009

how to add an ip to kloxo/lxadmin?

we had asked for additional ip from the host, they provided it and added it to hypervm, but we can't c the ip in kloxo, so how can we add it to kloxo?

View 3 Replies View Related

How Can I Install Lxadmin/kloxo In Veportal

Oct 28, 2009

Is there a way to easily install lxadmin/kloxo in veportal?

View 14 Replies View Related

Turnoff Hypervm/Kloxo

Jun 10, 2009

our hosting company asking to turn off Kloxo.

Quote:

As some of you may be aware, there are some major holes in hypervm/kloxo that have been published that may leave your VPS open to attack, or compromise. We have shut down HyperVM running on the node temporarily to completely eliminate the risk of a hacker getting in, and have preformed a security assessment to make sure no compromise happened. If you are running Kloxo on your VPS, it's strongly recommended that you disable the daemon to prevent your VPS from getting hacked or attacked. If you require any assistance, Please submit a ticket to support. Unfortunately, *** is NOT responsible for any data loss. It is strongly recommended to disable Kloxo immediately to prevent attack.

View 2 Replies View Related

Can't Setup LxAdmin / Kloxo Hosting Package Using WHMCS

Jun 8, 2009

LxAdmin recently changed their name to Kloxo, which also introduced some new features.

I've setup a Kloxo cluster, with the main server on 1 server, and all the others (mail, dns, web) on another server - still testing it out.

Then I created a package in Kloxo with some limits and gave it a name. Then, I went into WHMCS, and added the product, and chose LxAdmin from the modules drop-down.

I then proceeded to add the package name in, and told WHMCS to "Get the available choices from the server" and then I get the following error:

Quote:

Fatal Error. Got a non-object from the server:

I've tested it with 2 different WHMCS installations

View 0 Replies View Related

Replace Hypervm/lxadmin

Jun 21, 2009

we know hypervm/lxadmin have some exploit. My server is ruuning with lxadmin. Is there any panel to replace it? I mean we can easily to reload OS, use File Manager like hypervm...

View 4 Replies View Related

Block HyperVM/LxAdmin On All VMs

Jun 19, 2009

On both Xen and OpenVZ nodes, how can we block all VMs from accessing the HyperVM & LxAdmin ports?

And what ports would these be again? 8888, 8887, 7777, 7778?

View 1 Replies View Related

VPS LxAdmin/HyperVM Setup

Nov 14, 2008

how do you setup LxAdmin/VPS's once HyperVM OpenVZ is installed..I got it installed from the server company, and want to know how to license HyperVM's.

View 7 Replies View Related

Installed Lxadmin From Hypervm But It Complied Php With Cgi

Jul 7, 2009

How do I get it to setup php as an apache mod?

View 0 Replies View Related

Unknown Host Error On Hypervm/lxadmin On CentOS

Apr 3, 2008

I run hypervm/lxadmin and centos

My issue is that my websites I have hosted there just come and go. They will be accessible for a few minutes, then return "unknown host" errors for a while, and then come back like it never happened.

I am amusiming this is a dns issue, but I am not really sure where to start. My dns template looks ok, but past that I am lost.

View 6 Replies View Related

LXAdmin/HyperVM "Backup File Initial String"

Aug 10, 2008

I am wanting to backup my VPS, though the backup manager requires me to enter something for "Backup File Initial String". It is shown in ....

View 2 Replies View Related

DNS Setup And FTP Setup [LXAdmin/HyperVM]

Aug 1, 2008

I have learnt it is harder to setup than I initially expected (since I have just moved from a shared hosting service). I am in need of some help setting up my DNS servers, as I am very confused. Here is most of the info I know:

1) I am running HyperVM

2) I've installed LXAdmin

3) I own the domain (purchased from xeodomains.com) runemart.com

4) My VPS hostname is: vps.runemart.com

5) I know my IP

6) My host has said:

'For VPS customers that have a HyperVM login you can now host forward DNS on the DNS servers rdns1.vaserv.com (US)rdns2.vaserv.com (UK'

And I am unsure what this means/how to do it.

I am not sure if I need some more information to set up my DNS, however I am sure that I can get it if I do.

Now, my questions begin. Firstly, I need to point my domain - runemart.com - somewhere. I believe I need to set up my DNS via HyperVM or LXAdmin so that they are something like: ns1.runemart.com and ns2.runemart.com. Though, is this correct? Am I able to set up my own actual domain name servers, or will my domain have to point at something like rdns2.vaserv.com?

If anyone can assist me in this I would be very greatful, as I am waiting to get my website running. This is all I will ask for now, I will take it one step at a time =).

View 14 Replies View Related

28 XSS Vulnerabilities

Jun 24, 2008

Acunetix says my site has 28 XSS vulnerabilities?

For example it says calendar.pl is vulnerable and it was able to set a javascript alert as the variable calendar_view.

How can I fix this?

Vulnerability description

This script is possibly vulnerable to Cross Site Scripting (XSS) attacks.

Cross site scripting (also referred to as XSS) is a vulnerability that allows an attacker to send malicious code (usually in the form of Javascript) to another user. A browser execute the script in the user context allowing the attacker to access any cookies or session tokens retained by the browser.

This vulnerability affects /cgi-bin/calendar.pl.

The impact of this vulnerability
Malicious users may inject JavaScript, VBScript, ActiveX, HTML or Flash into a vulnerable application
Attack details
The POST variable calendar_view has been set to >"><ScRiPt%20%0a%0d>alert(398096611151)%3B</ScRiPt>.

View 1 Replies View Related

Bind 9 Vulnerabilities

Jul 29, 2009

[url]

Upgrade if this affects you.

View 13 Replies View Related

Cacti Command Execution And SQL Injection Vulnerabilities

Jan 14, 2007

Cacti version 0.8.6i has vulnerability: [url]

Solution: [url]

View 2 Replies View Related

How To Secure And Harden Centos Linux Server From Vulnerabilities & Threats ,attacks

Jul 28, 2009

How I can secure my server from vulnerabilities and threats and ddos attack? How can I find my server is compromised or hacked?

Which ports I should check, what commands I should fired on shell prompt? which softwares you will recommend.

View 14 Replies View Related

Kloxo

May 29, 2009

Having trouble with LXadmin/Kloxo. Just bought a vps, installed Kloxo, and when i try to add a client or reseller it says i have no dns set up. then i go to set that up, and it says i dont have an ip address set up.

I went into admin>servers>ipaddresses and tried to add the ipaddress assigned to my vps but it says that it is already in use... i want to be able to host a website.

View 0 Replies View Related

Cent Os 5 Or 5.3 And Will Kloxo Work With 5.3

Jun 24, 2009

cent os 5 or 5.3 - which is preferred?

And will kloxo work on cent Os 5.3 64bit?

or atleast 32 bit?

View 8 Replies View Related

Kloxo High Memory Usage

Oct 24, 2009

I installed kloxo on a fresh CentOS installation, not the hostinabox template

I have high memory usage though as seen here

[url]

Apache appears to be running 2 or 3 times? How do I remedy this?

[url]

View 13 Replies View Related

Kloxo, Plesk And Error Pages , Htaccess

Oct 21, 2009

I Have Kloxo Runing in my Server , and i use Apache for handling php , and htaccess .

From kloxo Panel under Extra , Error Handling .

I made editing to where visitor will be taken when come to page not found , banned , ..etc

The error 404 , 403,500

But won't work , it just take User to the Apache Test page instaed takes him to the Page i spicifed..

So i edited htaccess like ErrorDocument 403 forbid.php to try redierct the users to the error pages but got same reslut instaed takes them to the apache test page .

I tried install Plesk and Try . But seems the Same thing , when user comes to not found page , or forbidden page he will be directed to Apache test page.

View 1 Replies View Related

Joomla Security / Linux Security

Apr 4, 2008

I run a web hosting company and one of my servers is a LAMP server running CentOs 5. A user of mine has a Joomla installation running to manage his website and he has run into the following problem that I am puzzled by.

When Joomla adds a component or module to itself, or when a user uses the Joomla upload functionality, Joomla will add the new files under the user name "apache". This makes sense as it is the apache service running PHP that is actually creating the files.

However, when he FTP's into the account to modify these files, he doesn't have the appropriate permissions to do so as he doesn't have a root level login, just permissions on his home directory which is the site. Any help would be much appreciated.

Also, does anyone know how to change the owner/group of a directory and all of its sub directories in Linux without changing the actual permissions? I.e. some of the files in the folder have different permissions (0644 as apposed to 0755) than its parent but if I do a top down user/group change on the folder it will change everything in that folder to 0755.

View 10 Replies View Related

LXAdmin DNS

Apr 1, 2009

LXAdmin is having REALLY odd DNS problems.

server has been reachable and up constantly, but DNS is NOT working for RANDOM people. No errors anywhere, no log entries, no reasons at all. Using Bind.

All my own tests, and few of friend's tests works fine, and then for a few doesn't work at all.

These problems started suddenly last week.

View 2 Replies View Related

Lxadmin

May 4, 2008

For those who used it for a long time now. Do you think it is suited for critical development and professional websites. What about stability .. and scalability ?

What about migrating from Cpanel. Easy?

View 14 Replies View Related

LXadmin

Oct 25, 2007

my LXadmin..

1st. I have a domain registered at domainsite.com.
2nd. I want to be able to setup my site in LXadmin.

There are 5 ip's
**.**.**.33
**.**.**.34
**.**.**.35
**.**.**.36
and one default web address, **.**.**.101

1st. I went and setup a ns1.mysite.com & ns2.mysite.com
2nd. I went to my registrar and setup custom nameservers
with the above ns's and I used the first 2 ip's.

All I can see is the apache of the default "root"
I can login through ftp and see the actual files though.

I have a little offer if someone can help me. If you can help me get this working I can set you up with space 5gigs or w/e. I am totally confused, I almost feel like cancelling this account.

If anyone knows about HyperVM & LXadmin then let me know and I would love your help. You must be very serious and truthful because I am going to provide you with logins and stuff to help me....

Please help if you can. Oh and its VPS, 40 gig & 600 gig bandwidth.

View 6 Replies View Related

Lxadmin And Ftp

Jun 6, 2007

I just playing with lxadmin.

I noticed, that FTP settings looks there quite.... strange.

I created users (let's say his name is 'usr' with few domains: domain1.com, domain2.com).

I can't just login to ftp using username usr and his pass - I need to create FTP users for all domai names - so, I can't manage more domainnames within one session. It is normal, or maybe I made something wrong - if so, how to fix that.

View 4 Replies View Related

CPanel Vs LXAdmin

Jun 6, 2009

which ones best though?

View 24 Replies View Related

Installing LXAdmin On My VPS

May 20, 2009

I am new with VPS, i was trying to install LXA on my new VPS after rebuilding it

This is what i typed in SSH

wget [url]

sh kloxo-install-master.sh

It worked out fine initially. It went on installing, updating, downloading and so on..
But finally got stuck at this point

11:02:43 (379 KB/s) - `lxawstats4400.tar.gz' saved [1143518/1143518]

Downloading Installappdata

error reading information on service gpm: No such file or directory

rm -rf /var/lib/mysql

View 3 Replies View Related

LXadmin Vs Cpanel

Oct 12, 2009

This is to receive reviews about each of them for a VPS of:

60 GB of space

1 TB of traffic

Which is better LXadmin or Cpanel?

View 14 Replies View Related

LxAdmin To DirectAdmin

Aug 2, 2009

We've had a request to assist a transfer from LxAdmin to DirectAdmin.

We don't mind moving all the files and MySQL manually, however our main concern is copying the old emails.

All the settings (ie. mail forwarders, cron jobs) can be re-created.

how to move the MailDir from LxAdmin to DirectAdmin?

View 3 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved