CPanel Resetpass User Parameter Vulnerability
May 29, 2007I'm wondering if this is true:
[url]
Something like:
[url]
ADVERTISEMENT
Cpanel Vulnerability BTID:22915
Mar 13, 2007[url]
cPanel Multiple Local File Include Vulnerabilities
Bugtraq ID: 22915
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Mar 11 2007 12:00AM
Updated: Mar 12 2007 04:54PM
Credit: cyb3rt & 020 are credited with the discovery of these vulnerabilities.
Vulnerable: cPanel cPanel 10.9 build 134
cPanel cPanel 10.9 build 125
cPanel cPanel 10.9
CPanel Horde Vulnerability Found - Update Your CPanel
Mar 7, 2008An arbitrary file inclusion vulnerability has been discovered in the Horde
webmail application. At present, we can confirm that this security
vulnerability in question affects Horde 3.1.6 and earlier. Based on
incomplete information at this time, we also believe this affects Horde
Groupware 1.0.4 and earlier as well (cPanel does not use Horde Groupware
at this time).
cPanel customers should update their cPanel and WHM servers immediately to
prevent any chance of compromise. The patch will be available in builds
11.18.2 and greater (or 11.19.2 and greater for EDGE systems). The updated
builds will be available immediately to all fast update servers. The
builds will be available to all other update servers within one hour of
this posting.
To check which version of cPanel and WHM is on your server, simply log
into WebHost Manager (WHM) and look in the top right corner, or execute
the following command from the command line as root:
/usr/local/cpanel/cpanel -V
You can upgrade your server by navigating to 'cPanel' -> 'Upgrade to
Latest Version' in WebHost Manager or by executing the following from the
command line as root:
/scripts/upcp
It is recommended that all use of Horde 3.1.6 and earlier be stopped (on
cPanel and non-cPanel systems alike) until Horde updates can be applied.
You can disable Horde on your cPanel system by unchecking the box next to
'Server Configuration' -> 'Tweak Settings' -> 'Mail' -> 'Horde Webmail'
within WHM, and saving the page with the new settings.
CPanel Vulnerability Found - Upgrade Recommended
May 2, 2008Just came through on the RSS feeds...
Quote:
Several potential security issues have been identified with cPanel software and Horde, a 3rd party bundled application. cPanel releases prior to 11.18.4 and 11.22.2 are susceptible to security issues, which range in severity from trivial to medium-critical. Along with the discovery of these potential issues, cPanel has released a new security tool to provide users with protection from XSRF attacks.
Quote:
All STABLE and RELEASE users are strongly urged to update to their respective 11.18.5 release. CURRENT and EDGE users should update to the latest 11.22.3 release. No releases are deemed susceptible to severe, critical or root access vulnerabilities.
[url]
Vps Slow How Increase Numproc Parameter
Jun 25, 2007i have a vps with 384mb ram,20Gb space and two sites hosted but everthing is down. on Qos alerts i have many yellow and black zone.
For the traffic statistics i see just a little gb a day and 1300-1500 visitors daily.
The support staff answer my ticket that the server work with a high tcp connections to my vps and this cause the down stats of all my website.
more details:
Code:
uid resource held maxheld barrier limit failcnt
7041: kmemsize 6851969 6887410 20761600 23068672 0
lockedpages 0 0 256 256 0
privvmpages 118485 119083 235929 262144 0
shmpages 6654 6654 65536 65536 0
dummy 0 0 0 0 0
numproc 86 87 200 200 682
physpages 41110 41692 0 2147483647 0
vmguarpages 0 0 98304 2147483647 0
oomguarpages 41110 41692 98304 2147483647 0
numtcpsock 30 32 500 500 0
numflock 8 8 11340 12600 0
numpty 2 2 64 64 0
numsiginfo 0 1 256 256 0
tcpsndbuf 393036 399744 3154974 5258291 1009
tcprcvbuf 380616 405756 3154974 5258291 28300
othersockbuf 21916 158504 3271557 8388608 0
dgramrcvbuf 0 700 1572864 1572864 0
numothersock 21 26 500 500 0
dcachesize 668198 677622 8304721 9227468 0
numfile 2650 2677 8192 8192 0
dummy 0 0 0 0 0
dummy 0 0 0 0 0
dummy 0 0 0 0 0
numiptent 14 14 500 500 0[
How can i increase the numproc,tcprcvbuf and all parameters that give fails.
Plesk 11.x / Linux :: Add Mailbox - Invalid Parameter Number
Jul 25, 2014After upgrading from 9.5 to 11.5.30 update #47 (CentOS 5.8 (Final) 32bit) i'm getting error when trying to add an email box:
Internal error: SQLSTATE[HY093]: Invalid parameter number: no parameters were bound MessageSQLSTATE[HY093]: Invalid parameter number: no parameters were bound
File Pdo.php
Line234
TypeZend_Db_Statement_Exception
mysql request "select objectId from Configurations where status='error';" gives nothing.
Plesk 11.x / Windows :: Reconfigure Vhost -> Missing Required Parameter
Jul 25, 2013When i try to call websrvmng.exe --reconfigure-vhost --vhost-name=domain.com (like here: [URL] .....),
I get this message: "Missing required parameter --vhost-config."
Version: Plesk 11.5.30 Update#5
Plesk 12.x / Linux :: Migration Fails - Wrong Syntax For Command Parameter
Jul 15, 2014We're trying to migrate a Webspace from a 11.5 to a 12.0.18 Plesk host using the Migration Manager. The Webspace contains 4 domains. The main domain of the webspace gets migrated fine, however, all of the "child" domains fail with the following error:
Execution of /usr/local/psa/admin/plib/api-cli/domain.php --create webspace-domain.ch -webspace-name child-domain.ch -do-not-apply-skeleton -notify false -guid 733c0e02-4b75-4f73-8421-03b23051d65d -creation-date 2013-06-06 -skip-plan -ignore-nonexistent-options failed with return code 1.
Stderr is
Wrong syntax for command's '-webspace-name' parameter. 'webspace-domain.ch' does not match the pattern '/^[[:alnum:]]([[:alnum:]-]{0,61}[[:alnum:]]){0,1}(.[[:alnum:]]([[:alnum:]-]{0,61}[[:alnum:]]){0,1})+$/iu'.
Plesk 12.x / Windows :: Error (String Was Provided For Unescaped Parameter Host) In IP Configuration
Jun 27, 2014I recently upgraded from Plesk 11.5 to 12.0. I also just got an extra IPv4-address for my server (provider is Strato), unfortunately I have some problems with adding it to Plesk.
The IP should be assigned automatically through DHCP, but when I did a Reread IP in Plesk, nothing happened. I tried to manually add the IP, but then Plesk manually configured it and I lost the IPv4-connectivity (IPv6 kept working though).
Now when I want to remove the IP, I get the following error:
Is this a bug or a problem with my specific configuration?
New Kayako Helpdesk XSS Vulnerability
Nov 18, 2008This security flaw came to light at the end of October and I didn't find it posted already so thought it worth mentioning having tested the helpdesks for some sites that we use and found them to be at risk.
D
etails and a demo exploit URL can be found at url]
For anyone who doesn't know, XSS flaws that allow execution of arbitrary javascript can be exploited easily and without user knowledge to obtain information such as login details or session IDs. This could happen in various ways, including visiting an unrelated page with a simple URL that redirects to the vulnerable URL and then back again. Tools such as NoScript for FireFox may help protect against this on the client side.
/scripts Vulnerability Using WebShell.cgi
Jan 14, 2007A user is able to use WebShell.cgi:
[url removed]
In order to run commands from the /scripts folder. This is especially dangerous as a user can give an account reseller priviledge with full root access.
Because webshell.cgi is running with the uid/gid of apache, it can access all files which can be access with apache. And guess what.... the /scripts folder is one of them.
Because it's a CGI script, it doesn't seem as though there is an easy way to block this.
Vulnerability Assessment Of Network Security?
May 13, 2008I am building a website which require a data feed from a third party data provider. I have to fill out a 'questionair' when submitting my application and I'm not sure what to put for this questions.
Question: "Have you run a vulnerability assessment of network security? What is the current assessment rating?"
I Google'd for security rating but came up blank, without any useful result. Is there a level like 1-5 or something for network security rating? I m not sure what to put on here.
I'm not against getting a shared/virtual hosting account if the a host could provide me with these ratings.
Weak Cipher Vulnerability On Apache Web Server
Apr 10, 2013We are currently running ColdFusion 9 on an Apache server. After running a Webinspect scan for one of our web applications, a weak cipher vulnerability was flagged as critical. Their recommended change to the httpd.conf file is listed below. We made the change and restarted our server but the same vulnerability came up again. How to eliminate the weak cipher vulnerability?
SSLCipherSuite ALL:!aNull:!ADH:!eNull:!LOW:!EXP:!NULL:RC4+RSA:+HIGH:+MEDIUMĀ
Plesk 11.x / Linux :: SSL Server Allows Anonymous Authentication Vulnerability
Jun 27, 2013I am using plesk 11.0.9 and I want disable ssl anonymous authentication. A vulnerability exists in SSL communications when clients are allowed to connect using no authentication algorithm.
How I can disable anonymous authentication
Plesk apache + nginx running
Attacking Multicore CPUs (new Vulnerability Discussion From Slashdot/The Register)
Sep 16, 2007Attacking multicore CPUs
[url]
[url]
"The Register reports that the world of current multi-core central processing units (CPUs) just entered is facing a serious threat. A security researcher at Cambridge disclosed a new class of vulnerabilities that takes advantage of concurrency to bypass security protections such as anti-virus software The attack is based on the assumption that the software that interacts with the kernel can be used without interference. The researcher, Robert Watson, showed that a careful written exploit can attack in the little timeframe when this happens, and literally change the "words" that they are exchanging. Even if some of these dark aspects of concurrency were already known, Watson proved that real attacks can be developed, and showed that developers have to fix their code. Fast..."
Plesk 11.x / Linux :: Shell-shock Bash Vulnerability In Chrootsh
Oct 1, 2014We have Plesk Panel 11.5 in Virtuozzo containers (Centos 6 x86_64) and we often provide to our customers the ssh access with chroot - /usr/local/ psa/ bin/chrootsh.All we know about Shellshock Vulnerability and we already installed all fixes to bash, but chrootsh-version is still vulnerable.Here are the results of BashCheck from [URL] ..... under chrooted user:
Vulnerable to CVE-2014-6271 (original shellshock)
Vulnerable to CVE-2014-7169 (taviso bug)
bashcheck: line 15: 19226 Segmentation fault bash -c "true $(printf '<<EOF %.0s' {1..79})" 2> /dev/null
Vulnerable to CVE-2014-7186 (redir_stack bug)
Test for CVE-2014-7187 not reliable without address sanitizer.Variable function parser still active, likely vulnerable to yet unknown parser bugs like CVE-2014-6277 (lcamtuf bug).Do you plan to release updates for chrootsh?
SIM Installer Symlink Attack + Race Condition Local Root Vulnerability
Apr 29, 2007Code:
$ md5sum sim-current.tar.gz
6c1cece6f3af87598c4bdb09cabcb3cc sim-current.tar.gz
Line 25, file: sim-2.5-3/setup
Code:
TMPS="/tmp/sim_cj"
Line 399, file sim-2.5-3/install/sim
Code:
cat $TMPS >> /etc/crontab
If a local user creates a symlink to that file, then writes to the sim_cj file being linked to, as SIM is being installed, they can influence the contents of /etc/crontab.
Contacted the vendor via email on 04/17/07, email bounced.
Opened a ticket via their helpdesk ~5 days ago, no response.
Again, this is only an issue during the install, which is an extremely small window of time. Any bug that could lead to root access should be fixed, however.
Redirect Domain/user To User.domain ONLY IF Folder 'user' Doesn't Exist
May 7, 2007I thought I knew enough about my .htaccess stuff to do this, but I can't seem to work it out. What I want to do is if a user visits domain.com/folder, we check to see if the folder exists. If so, show as normal (IE domain.com/support)
If a user visits domain.com/dynamicusername (dynamicusername is not a physical folder), redirect to dynamicusername.domain.com
Backing Up A All My CPanel User's
Dec 6, 2007How do I backup all my cPanel users? Like there files, settings, emails, mysql, everything.
View 14 Replies View RelatedExim/Cpanel No Such User Here
Jun 25, 2008I'm having an issue with email generated from a website contact form. The email is being sent from the website via php. The issue is that the email address that it is being sent to is a domain/website that is also on cpanel. It is trying to deliver it to a local account, but the email is acutally on a third party system outside of cpanel. Does anyone know anyway for exim to not try and deliver locally?
View 4 Replies View RelatedCpanel Master User
Oct 24, 2008Logging in to cpanel using root password warned you that you had logged in using root privs and you got a nice drop down where you could jump to any account's cpanel.
After changing my root password, the first domain set up on that server gets the nice drop down, and indeed full rights, despite using it's normal password. I also don't see the warning message about using root privs.
So, somehow, the domain's account has gained ROOT cpanel privs. Where is this set?
Find User Bandwidth From SSH (CPanel)
May 11, 2009Does anyone happen to know how to find the current bandwidth usage for users in CPanel via SSH? I found disk space, which is /scripts/dumpquota, but I can't find the bandwidth.
View 8 Replies View RelatedEmail Notifications Whenever User Log's In FTP (CPanel)
Apr 12, 2009Server configuration:
CENTOS 5.3 x86_64
cPanel 11.24.4-C35075 - WHM 11.24.2 - X 3.9
Is it possible to write a script that will be sending notifications on user e-mail, that is already pre-configured in their account, whenver user will log in to FTP.
Are there any pre-made scripts or if not, any hint's on writing something like that?
Tracking Down Web Process User In Cpanel
Nov 3, 2009Recently, there are a lot of "apache" processes hogging my Cpanel server with the default owner "nobody". How could I track the apache process back to which user is using it?
View 8 Replies View RelatedUser Nobody Using All System Memory Cpanel
Apr 16, 2009I tracked down another issue that I am having with this same server. I login and look at the system and 100% of the swap is used and 99% of the Ram. I look to see who's using it, and the user name is Nobody. What role does this user play in cpanel? Can I disable the user?
UPDATE: It is actually apache doing it.
7044 nobody 0
0.6
8.3 /usr/local/apache/bin/httpd -DSSL
2836 nobody 0
0.6
0.2 /usr/local/apache/bin/httpd -DSSL
2835 nobody 0
0.6
1.8 /usr/local/apache/bin/httpd -DSSL
2838 nobody 0
0.6
0.5 /usr/local/apache/bin/httpd -DSSL
2854 nobody 0
0.6
0.2 /usr/local/apache/bin/httpd -DSSL
7934 nobody 0
0.5
22.8 /usr/local/apache/bin/httpd -DSSL
2839 nobody 0
0.4
0.2 /usr/local/apache/bin/httpd -DSSL
2887 nobody 0
0.4
24.5 /usr/local/apache/bin/httpd -DSSL
2848 nobody 0
0.4
2.7 /usr/local/apache/bin/httpd -DSSL
CPanel - Limiting IO Mem CPU Per User? Hostgator Like
Nov 16, 2008I was reading up a thread where hostgator cpanel servers seem to be limiting IO activity per user/account/domain. How can that be achieved?
Any special limitations on a per account basis that I am not aware of?