Major Exploit

[forlinuxsupport]

Hi

I will check my email setup with cpanel.

I did get the one from configserver and got one indirectly from a client of mine.

cheers
andy

[Interdit]

When will a build RELEASE be available ?

Thanks,
Francois

[cinusik]

Well looks like this have finnally been sorted.. wow

2) This forum / thread needs much better control. I think I counted 3 separate and unrelated issues in here. Rather stick to the topic guys, or open a new topic for your problem.
(e.g .what has a missing mysql db got to do with ROOT escalation ??)

Because of their patch cpanel's mysql/phpmyadmin functionality was broken so this is related in 100% to this thread. It was confirmed on all current and edge relasess so it was a BIG problem.

Finally it's fixed.

[comake]

Hello,

I have run the update by cpanel panel.

But I am blocked to 60% "imap........ ........ "

Whan can I do ?

[forlinuxsupport]

Hi

looks like 10 out of 100 of my servers did NOT have the patch applied by nightly update.
And they are running WHM 10.8.0 cPanel 10.9.0-C21.

I have downloaded and run the cpanel patch on them and it has worked

Strange that most servers it worked and a few it didnt.

cheers
Andy

[Shrek]

I've noticed on the update patching, on several servers when creating a new account (this even happens to some old accounts as well), that some of the packages are screwed up and I have to manually update accounts to have the sql databases, email accounts.. etc.. set back to either the unlimited setting or whatever amount I had setup for them.
Has anyone else experienced this?

[nat]

I've noticed on the update patching, on several servers when creating a new account (this even happens to some old accounts as well), that some of the packages are screwed up and I have to manually update accounts to have the sql databases, email accounts.. etc.. set back to either the unlimited setting or whatever amount I had setup for them.
Has anyone else experienced this?

Yes.

I think it is broken for everyone. Just nobody hasn't noticed yet. I only noticed that packages with "unlimted" mysql databases were broken. Probably broken for other unlimited's as well but I have not tried.

See: http://forums.cpanel.net/showthread.php?t=58159

[cix]

I´m running on all my servers:

WHM 10.8.0 cPanel 10.8.2-R119

I did a /scripts/upcp --force, so am I fixed?

[nat]

I´m running on all my servers:

WHM 10.8.0 cPanel 10.8.2-R119

I did a /scripts/upcp --force, so am I fixed?

Yes.

You can make sure by running...

wget -q -O - http://layer1.cpanel.net/installer/c...cker_092406.pl cpanel_exploit_checker_092406.pl | perl


If that command does not work try...

wget http://layer1.cpanel.net/installer/c...cker_092406.pl
chmod 700 cpanel_exploit_checker_092406.pl
perl ./cpanel_exploit_checker_092406.pl


The first checker script released did not work and this thread is long and things might get missed. The checker script above works. If the one above says it is safe, it is safe.

[kernow]

FYI
Received at 3.22am UTC /GMT from Cpanel

We have recently released an updated security patch for RELEASE/STABLE.
This patch includes the same protections (updated wrapper) that were
added to the CURRENT/EDGE trees. We recommend updating all RELEASE and
STABLE boxes with this patch. Please note that all boxes will be
automatically updated with this patch during tonight's update if
automatic updates are enabled.

To apply this patch:

wget -q -O - http://layer1.cpanel.net/installer/sec092506.pl | perl

or

/scripts/upcp

Please note that you will not need to patch new installs.

Thank You
cPanel Development Team

[rainboy]

I am wondering if (as i can't find it) Cpanel has a low volume security advisory mailing list, this would be very nice to tell the community a patch has been made.

Anyone knows if this list exist, and if so, where can i find information about it.
If it does not exist, wouldn't this be an excellent way to inform your customers there is an important patch ?

Kindest regards,
Patrick

[philb]

Direct cPanel customers should have received mails.

If you get your licence from your host with a dedicated server or from a reseller then it is probably up to your host/reseller to keep you informed.

[rainboy]

philb,

Thanks for the answer, as i receive the license trough my hosting provider for my server, i assume they did receive an update. However i am not fond of those extra layers of communication, especially not when it is about an important security update. At the end Cpanel is getting the attention from the press not the hosting providers. So from a point of marketing and customer service i would have expected an mailing-list for this kind of security leaks.

But of course that's all up to cPanel, and how they want to communicate with their users.
Just hope they will see this post and hopefully think its a good idea.

Kindest regards,
Patrick

[budway]

I have received the update and I think cPanel is by far the best CP in the industry.

What other CP has their owner on forums communicting with their customers?

I would like to put all my dep support to cPanel team and thank than for a fast work and a Job Well Done...


Finally I would like to state that Some company's out there are clearly not that responsable when it comes to security. They know a security issue is on the lose with their BROWSER and does not release the FIX.

[yayyo]

Yes.

You can make sure by running...

Code:

wget -q -O - http://layer1.cpanel.net/installer/cpanel_exploit_checker_092406.pl | perl

If that command does not work try...

Code:

wget http://layer1.cpanel.net/installer/cpanel_exploit_checker_092406.pl
chmod 700 cpanel_exploit_checker_092406.pl 
perl ./cpanel_exploit_checker_092406.pl

The first checker script released did not work and this thread is long and things might get missed. The checker script above works. If the one above says it is safe, it is safe.

Just trying to get around the forum code breaking the links above. It should now be possible to copy and paste them.