Latest Linux Gives Untrusted Users Root Access

Nov 4, 2009

Quote:

A software developer has uncovered a bug in most versions of Linux that could allow untrusted users to gain complete control over the open-source operating system.

The null pointer dereference flaw was only fixed in the upcoming 2.6.32 release candidate of the Linux kernel, making virtually all production versions in use at the moment vulnerable. While attacks can be prevented by implementing a common feature known as mmap_min_addr, the RHEL distribution, short for Red Hat Enterprise Linux, doesn't properly implement that protection, Brad Spengler, who discovered the bug in mid October, told The Register.

Read the complete article at The Register. New kernels are available for Red Hat and CentOS (obviously), and likely others who may be affected.


Users With Root Access

May 22, 2008

How can I view all users that have root access on the system?

SSL Certificate : Untrusted Root

Jul 19, 2007

I'm using my webhost providers ssl certificate and get this error:

"The server you are connected to is using a security certificate that could not be verified. A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider. "

This happens with every machine I use. The certificate is issued by rapidssl.

How can I fix this? It's not practical to ask every user to install the certificate on their local client.

How Do I Give Limited Access To Linux Users

Feb 24, 2008

I have taken over management of a bunch of dedicated servers and have a question.

What are the commands on Linux (RedHat, RHL) for giving a user access rights to a directory(ies) only?

So that this user can FTP and Telnet to the server but will be able to:

1- only upload files to these directory(ies)

2- only delete files/dirs from these directory(ies)

3- only execute programs residing in these directory(ies)

Plesk 12.x / Linux :: How To Give Users SFTP Access

Feb 16, 2015

My reseller has got one plan, where the option "Gestion de l'accès au serveur via SSH" (Manage SSH access to server) is set to "Peut autoriser l'accès uniquement à un environnement chrooté" (Can authorize access only in a chrooted environment).

This plan contains only one subscription, in which I would like to permit users to use sftp. If I go into the subscription and then click on "Customize subscription", I can see that the option "Gestion de l'accès au serveur via SSH" (Manage SSH access to server) is set to "Peut autoriser l'accès uniquement à un environnement chrooté" (Can authorize access only in a chrooted environment)...

=> So the same as in the plan.

After that, when I click on subscription => WebSites and Domain => One domain => FTP Access and I choose a ftp user, I don't have any option to allow ssh access to the user.

Plesk 12.x / Linux :: How To Give Users SFTP Access

Jan 18, 2015

I'm using Plesk Panel 12 on Debian GNU/Linux 7.6 server. I created a ftp user in a subdomain (sub.domain.tld) of my domain (domain.tld).

In Tools and settings = Policy security, I allowed sftp and ftp connections. When I try to connect I get this message:

Code:
sftp my_user@domain.tld
Connection closed

In the password file I got :

Code:
my_user:x:10000:1003::/var/www/vhosts/domain.tld/sub.mydomain.tld/httpdocs:/bin/false

Plesk 12.x / Linux :: Phpmyadmin - All Users (subscriptions) Has Access To All Databases

Sep 19, 2014

Today we noticed that all subscriptions on Plesk have access to all databases when we access phpMyAdmin. Could a Plesk update have caused this?

I don't remember updating anything during these days that would make this happen.

Plesk 12.x / Linux :: Wildcard SSL Certificate On Subdomain - Connection Untrusted

Dec 16, 2014

I have a new Plesk 12 installation. I have configured a domain (example.com) with hosting that also requires wildcard subdomains.

To achieve this I had to create a vhost.conf file with...

ServerAlias *.example.com

This works and I can go to http://anything.example.com with no issue.

I purchased a wildcard SSL certificate for *.example.com and successfully installed it.

If I go to https://example.com it works perfectly and shows the correct certificate, however if I go to https://anything.example.com it tells me the connection is untrusted, when I view the certificate, it shows the Parallels Plesk self certified certificate and not my purchased certificate.

I created a vhost_ssl.conf with

ServerAlias *.example.com
ServerAlias *.example.com:443 #tried with and without this line

If I add an exception in the browser, then I am taken to the correct place, albeit with the incorrect certificate.

Of course I have executed httpdmng --reconfigure-domain example.com and also tried a full reboot.

In summary:

http://example.com - works

http://anything.example.com - works

https://example.com works with my certificate

https://anything.example.com has Parallels certificate but routes to correct page

Plesk 11.x / Linux :: Give Non-admin Users Access To PHP (Additional Configuration Directives)

Oct 21, 2014

Is there any way to give a reseller or customer access to the php custom settings box labeled "Additional configuration directives" on the website & domains -> php settings button that an admin can see and alter? We have attempted to give resellers the "Common PHP settings management" and "Setup of potentially insecure web scripting options that override provider's policy" options, but it still does not show up to a reseller.

Latest Linux Kernel Version

Jan 19, 2007

Is it safe to upgrade to the latest Linux kernel version 2.6.19.2 (released on January 10th, 2007)? Are there any reported problems, or has anyone faced issues after upgrading?

Some Users Can't Access My Sites

Jun 20, 2007

I have several users that can't access my sites. They are all from different areas of the world; most are on PCs with WinXP and one is on a Mac. I've had them do all the normal stuff: clean cookies, cache, etc., all with no luck.

I have a dual processor server running Red Hat 7.3 i686. I do have KISS firewall running.

If I stop the firewall, they can get in, but I can also bring it back up and then for several hours they can still connect, but at some point, they stop being able to.

I currently have no ip's blocked. See below:
BLOCK_LIST=" "
TCP_IN="20 21 25 53 80 110 143 443 995 2082:2083 2086:2087 2095:2096 3306 8443 10000 19638 22 26 37 43 873 993"
TCP_OUT="21 22 25 37 43 53 80 443 873 2089 55000"
UDP_IN="53"
UDP_OUT="53"
TCP_IN_TRUSTED="22"
TRUSTED_IPS="0.0.0.0/0"
SERVER_IPS="0.0.0.0/0"

Nothing that I know of changed, it just started about a week ago.

With SSH Key I Can Not Access The Root

Aug 17, 2008

I have a problem with shell access, and I cannot access it through SSH PuTTY.

The problem is with the SSH key; I made one to enable it on my server.

Now I cannot access root through SSH PuTTY.

I removed the SSH key from WHM and still cannot access root through SSH PuTTY.

Plesk 11.x / Linux :: Upgrade Not Possible / Unable To Obtain Latest Version Of Parallels Installer

Aug 23, 2013

Here is the message I get while trying to update via the Panel:

Code:

Unable to obtain the latest version of Parallels Installer: The required version '3.15.15' was not found on the server. This could happen because of configuration error at the download site. Failed to download the package

[URL] ....

The requested URL returned error: 404

Running Debian 7
PV: 11.5.30 Update #11

Phantom Root Access

Sep 17, 2007

First, a bit of server data:

Linux version: Linux version 2.6.9-023stab033.9-entnosplit (root@rhel4-32) (gcc version 3.4.5 20051201 (Red Hat 3.4.5-2)) #1 SMP Tue Dec 5 14:54:16 MSK 2006

Running on top of Virtuozzo 3.x, SLM

Running the DirectAdmin control panel, v.1.30.2

For a couple years I've been maintaining a VPS, and I've had a command in root's .bash_profile to mail me the contents of `who` whenever root logs in (I'm certain this wouldn't catch everything, but I at least get mailed when I ssh in). However last night I got one of the dispatch emails, one that was definitely not caused by me logging in, and it was missing the `who` output in the body.

Taloncrossing: Root Shell Access on: Mon Sep 17 00:58:49 EDT 2007

I started doing some looking, starting with the logs. /var/log/messages contained these lines:

Sep 17 00:58:49 vps sshd(pam_unix)[16277]: session opened for user root by (uid=0)
Sep 17 00:59:17 vps sshd(pam_unix)[16277]: session closed for user root

/var/log/security contained:

Sep 17 00:58:49 vps sshd[16277]: Accepted password for root from 65.98.70.202 port 45053 ssh2

To me this is pretty clear that someone had shell access to root. The session lasted just under 30 seconds. The security log showed no signs of previous failed login attempts. I referred to this topic [url] to try to find anything unusual.

/var/log/wtmp has a reference somewhere to the accessing IP on grep, but 'who' will not reveal it, the same way that my email message was missing that info.

Everything else looks clean, I've run chkrootkit and rkhunter, all the warnings (issued by rkhunter) are benign, the .bash_history is clean (not flushed or any suspicious commands), logs are clean, nothing unusual is running, can't find anything out of place.

So basically I'm completely confused and have no idea what to make of all this. Was there a glitch? I can only assume that I am somehow compromised, but don't know what to make of all the data I've gathered. I'd really appreciate opinions from some of you that know this stuff way better than I do. The only action I've taken so far is changing the root password.

Is Possible Access As Root To PhpMyAdmin, But How To PhpPgAdmin

Apr 24, 2009

It is 100% possible to access ALL DBs and administer ALL DBs of MySQL from phpMyAdmin.

How can we do these actions in phpPgAdmin?

NOTE: on a server with cPanel.

How To Know When Some Body Access Root What He Touches..

Dec 14, 2008

I give access to somebody to, let's say, install software for me, but is there any clean program to show me what he has touched?

Getting Files Off The Root Server That Is Outside Web Access

Aug 15, 2007

I am actually very inexperienced in server management. I have a small, I believe, problem. I need to get a config file onto my computer from my root server. I can access it through the terminal, but it is not very comfortable. The config file is on the root server.

the file is located at //etc/xxx.conf

Do I need to use web browser to do it? If so how?

Or is there a way that I can log in to my root server through ssh and transfer it onto my computer?

Sharing Full Group Access To 3 Sites/users

Apr 19, 2009

I have 3 sites/users that all need to be able to access each other with complete read/write/exec access:

Site1, Site2 and Site3

What's the best way to do this without screwing up all the permissions and access to my currently active sites? I need advice from someone who is a pro at this and not just guessing at what permissions to set. I assume I need to create a MasterGrp and invite all 3 sites, then set/change permissions on all three sites. Also, all new files created would need to have the MasterGrp set as the group automatically.

Deny Access To Exim For Free Trial Users

Jul 18, 2007

INTRODUCTION

As owner of a hosting provider company, I face the problem of abusive users almost every day. More than 90% of all abuse on my server comes from free trial accounts. I offer free trial access to my servers for people who want to try things out before they purchase a hosting package, but of course this attracts spammers. To prevent trial users from using my server for spamming purposes, I modified my exim.pl file to prevent trial users from accessing the Exim mail server.

Please note that this tutorial has been written for cPanel servers. If you want to use it on a server with a different control panel, you'll need to modify the cpgetpack.c source. If you do so, please share your work with the community by posting it in a reply here.

STEP ONE

First you’ll need to download, compile and install my cpgetpack.c application. Here’s how:

Code:
gcc cpgetpack.c -o cpgetpack
mv cpgetpack /usr/bin/
chown cpanel:cpanel /usr/bin/cpgetpack
chmod +s /usr/bin/cpgetpack

STEP TWO

Now open the /etc/exim.pl file in your favorite text editor (make a backup first) and look for the following inside the checkuserpass subroutine:

Code:
$trueowner =~ s/\///g;
$trueowner =~ s/\.\.//g;
if (isdemo(${trueowner})) {
    return('no');
}

Below, paste the following code:

Code:
# Look up the account name and ask cpgetpack for its hosting package
my $name = getpwuid($uid);
open(UP, "cpgetpack $name|");
my $userplan = <UP>;
close(UP);
chomp($userplan);
# Refuse authentication for accounts on the trial package
if ($userplan eq "radix_FreeTrial") {
    return "no";
}

You will have to replace the radix_FreeTrial string with the package you assign to your trial users. This will prevent trial users from authenticating which prevents them from sending mail remotely.

STEP THREE

Users are now still able to send mail locally (for example using the PHP mail() function), so here’s what to do next.

Find the checkdemo subroutine in the exim.pl file and replace the complete subroutine with:

Code:
sub democheck {
    my $uid = Exim::expand_string('$originator_uid');
    if (isdemo($uid)) { return 'yes'; }

    # Look up the account name and ask cpgetpack for its hosting package
    my $name = getpwuid($uid);
    open(UP, "cpgetpack $name|");
    my $userplan = <UP>;
    close(UP);

    chomp($userplan);

    # Treat accounts on the trial package like demo accounts
    if ($userplan eq "radix_FreeTrial") {
        return 'yes';
    }

    return 'no';
}

STEP FOUR

Now just restart Exim:

Code:
service exim restart

It might be a good idea to create a trial account and see if it’s working. Enjoy!

REFERENCE:

Original post: [url]
Best regards,
Josh Burt

Managing Local Root Folder Without Being Able To Access It

Nov 2, 2009

I'm planning a website at the moment but I'm wondering about a slight issue, regarding the local root folder of a website.

Currently, I'm using Dreamweaver to create a website and I have had no problems of uploading my files to a site through Dreamweaver before. But I will not have access to my computer for about one month every year. However, I have a laptop available during that month. But since my local root folder is located on my stationary computer it seems impossible for me to, in any way, use that laptop to manage my site (upload new files to the server).

VPS With CentOS, LXAdmin, And FTP Server Root Access

Feb 26, 2009

I've just signed up for my first VPS with CMBHosting and the person in charge, Chetan Bakhru, seems like a genuinely nice, friendly and helpful person. In other words this new service looks promising at the moment.

However ...

When I signed up I selected his CentOS/LXAdmin plan because I figured that with a pre-installed control panel like LXAdmin I could avoid as much ssh as possible and simply get "up and running" more quickly. Plus I have some experience managing my own CentOS development machine, and I know that a special software package I plan to install runs on CentOS "out of the box" -- so I was expecting good things from this new VPS.

But when my account was created LXAdmin did NOT create an FTP admin account for me with root access to my VPS!

Instead it created an account that drops me into web server's document root folder, and this is far too limiting for me. I really need FTP root server access -- and I'm surprised that LXAdmin did not provide this access by default.

Not only that, but it appears that I cannot create a new FTP account that has any deeper access than the existing admin account!

Does anyone with LXAdmin experience know if this is the way LXAdmin normally works by default? Or is this perhaps a special configuration created by my new VPS host?

Disabling SSH Root Access But Enabling SSH Keys How To Do That

Apr 3, 2009

In order to secure my server against intrusion, I disabled ssh root login and created a user for myself. However, in order to access the user I need to enable SSH password authentication.

I don't enable password authentication all the time, and I keep it disabled unless I need to do something via ssh.

Now my question is: is there a way to keep the user I created, keep the root login disabled and password authentication disabled, but use ssh keys for the user I created?

I was informed that if I opt to log in to ssh via the user I created, the only way to do that is to enable password authentication, as it cannot work with ssh keys. Is this true?

I really hope someone can help me with how to use the user I created together with ssh keys, so I don't have to enable password authentication when logging in to ssh.

Access Folders In Root / Bypass Wordpress

Jul 23, 2009

My blog is set up to display in the root of my domain, although the files on the server sit within their own folder:

i.e

Server files

Public_html/wordpressfiles/

Browser displays

www . mydomain . com/

(displays pages from /wordpressfiles)


The problem I have is that I can't access individual directories within the root, unrelated to wordpress.

e.g

I have

Public_html/folder2/...
Setup on the server, but if I enter the path in my browser:

www . mydomain . com/folder2

wordpress thinks I want to access:

www . mydomain . com/wordpress/folder2

...which doesn't exist.

How can I re-gain access to folders in the root, without wordpress interfering?

Email Notification For Root Access In Plesk

Jul 22, 2008

How do we set our Plesk VPS so that when someone logs in as root, we will receive an email? It's on a VZ node.

Change Mysql Root Password With Ssh Access?

May 29, 2008

How can I change the MySQL root password with SSH access?

Server Access Problem Using Root In Putty

Jan 3, 2008

I am having a problem logging in to my server using root as login.

Here is the situation:
I have the root access for WHM as user1 for login, and password1 for password. This can allow me to login to my WHM.

However, in SSH (Putty) I tried to connect to the server using user1 as login, but when I typed password1, it said access denied..

Recommend An ISP For Webspace? (need Php + Mysql + Root SSH Access)

Jun 9, 2008

cheap-ish place to host a PROTOTYPE website. We're going to need php + mysql, but we're going to need to have more control such as root SSH access.

Here is the list of what we need to start with:

SSH access
PHP 5
Java
MYSQL 4 or 5
Apache 2
SendMail

Any ISP recommendations?

For now this is just a prototype, and it will NOT get hammered with traffic. But we do need an outfit that is efficient and reliable.

Ship
Shiperton Henethe

We are based in the UK.

MySQL: Access Denied For Root User

Oct 25, 2007

When I deleted a database, the user apparently was orphaned because when I tried to recreate it, it returned "user already exists". I've never encountered that problem although from Googling, I see others have and they delete the user to get around it.

When I log into mysql using the da_admin@ account and attempt to remove the user with drop user <user_name>; I receive the following error message:

ERROR 1227 (42000): Access denied; you need the CREATE USER privilege for this operation

It seems I don't have rights even as the root user. How can I remove the orphaned user?

Access Denied For User 'root'@'localhost

Jun 8, 2007

I'm getting the error after running
[root@server ~]# mysqladmin processlist

Quote:

mysqladmin: connect to server at 'localhost' failed
error: 'Access denied for user 'root'@'localhost' (using password: NO)'

I'm running plesk on FC4.

Not too sure why it says failed or denied, as I'm root?
