Cpanel security advisory for Apache- update now!

Discussion in 'EasyApache' started by ramprage, Jun 7, 2004.

  1. ramprage

    ramprage Well-Known Member

    There has been a security issue released by cPanel telling everyone to update Apache immediately. If you haven't noticed because of cPanel's new ICON INTERFACE INSTEAD OF NEWS, update now.

    From Cpanel News:

    "Security: A security hole has been discovered in cPanel's suexec/mod_php handlers.

    To resolve the problem:
    Update apache using easyapache, or the WHM's apache builder.
    Once apache is updated, you should then update to cPanel 9.4.0 or later. (It is recommended that you update cPanel. The cPanel update is not required to resolve the security hole. However, it will provide a better security model to guard against future problems.)

    * RELEASE and STABLE users should wait until Tuesday June 8th (or when this notice is removed) to upgrade cPanel.
    Severity: HIGH"

    http://www.webhostgear.com/121.html
     
  2. Lem0nHead

    Lem0nHead Well-Known Member

    this is a big problem with cPanel not taking security issues seriously

    this script has been out there for more than 2 weeks... I even opened a ticket about it... they told me that "this company is a security company and is trying to scare you" (or something similar) and suggested that I compile apache with phpsuexec to stop this script

    well... it does in fact stop the script (and makes my cpu load go from 0.4 to 7.0), but why didn't they try to fix that or at least INVESTIGATE?

    cpanel support has been EXCELLENT for me... they even tried for a long time to fix a site that had a weird and non-logical problem on my server (and that probably was not in their "scope of support")... but cpanel is known not to be a secure control panel (on topics about security we often see "if you want security, first thing you should do is remove cpanel")... so why not start taking more care with those things?

    i'm lucky to have found this script before and to know perl, so I could see how it was gaining access and added the "-T" to scripts, but i feel for others that didn't do that and could have (or will have) all their user accounts hacked...
     
  3. Lem0nHead

    Lem0nHead Well-Known Member

    here are quotes from the ticket (opened on 05/26):

     
  4. Lem0nHead

    Lem0nHead Well-Known Member

    no, it's not

    cpanel "patched" suexec and that's where the bug comes from
     
  5. Curious Too

    Curious Too Well-Known Member

    Does this only affect people who use phpsuexec?
     
  6. Lem0nHead

    Lem0nHead Well-Known Member

    exactly the opposite ;)
     
  7. ramprage

    ramprage Well-Known Member

  8. Chew

    Chew Well-Known Member

    Anyone else still experiencing that /cpanel /mail aren't working?

    I'm still getting 500 Internal Service Errors

    I'm running 9.4.0 current 12

    Anyone know how to fix this?

    BTW I'm running apache 1.3.31, php 4.3.7 (installed from source), mysql 4.0.18, zend (installed from source)

    Chew
     
    #8 Chew, Jun 7, 2004
    Last edited: Jun 7, 2004
  9. sawbuck

    sawbuck Well-Known Member

    Have seen some reference to running edge builds to fix the problem so far.
     
  10. StevenC

    StevenC Well-Known Member

    upgrade to current, it fixes the /cpanel and /whm issues
     
  11. sparek-3

    sparek-3 Well-Known Member

    What version of Apache fixes this issue? I have already upgraded our servers to 1.3.31 since the last vulnerability with phpsuexec. Some of our servers are running Cpanel 9.3.0, and I'm wondering if a cpanel update is all that is required.
     
  12. bman

    bman Well-Known Member

    upgrade to what WHM/cPanel version?
    rebuild apache with default settings or select something extra?
    thanks
     
  13. techark

    techark Well-Known Member

    Everyone check your FrontPage extensions, it seems to have broken ours.
     
  14. Creazioni1

    Creazioni1 Well-Known Member


    right!:(

    i did
    /scripts/updatenow
    /scripts/updatefrontpage

    but it's same:(:(
     
  15. nightscream

    nightscream Member

    any fixes for Frontpage yet?
     
  16. fishfreek

    fishfreek Well-Known Member

    I upgraded to 9.4.0-C12 and while /webmail works, when I click on horde I can't log in. I get the following error.

    A fatal error has occurred:

    DB Error: connect failed

    [line 108 of /usr/local/cpanel/base/horde/lib/Prefs/sql.php]

    Details have been logged for the administrator.
     
  17. fishfreek

    fishfreek Well-Known Member

    Strange. I wanted to also report on a second box I have updated to 9.4.0-C12 I do not get the horde error.

    Strange.
     
  18. Creazioni1

    Creazioni1 Well-Known Member

    I HATE FRONT PAGE!!!
    but some customers want FP200* :(:(:(:(

    i hope for a FIX
     
  19. Fillos

    Fillos Active Member

    I hope this gets resolved faster than last year's password problem....

    I should think that if you advertise this forum as your first line of support, you might want to post periodic updates to let your client base know that you are at least aware of the problem and working on a fix.

    FrontPage extensions are a pretty major part of most hosting companies' business, so this is causing a pretty major disruption.
     
  20. kufel

    kufel Member

    the security upgrade of cpanel/apache broke our email system - mail is not being sent out of the system or being delivered to the system.

    worst of all there are no error messages, mail just disappears... anyone with a problem like that?
     