
Scan Alert finds cpanel insecure, They found several issues which need to be addresse

Discussion in 'General Discussion' started by EdRooney, Dec 11, 2004.

  1. EdRooney

    Hired a company (Scan Alert) to monitor the website for vulnerabilities. They found several issues which need to be addressed.

    1. OpenSSH < 3.2.1 - AFS/Kerberos Performing Ticket/Token Passing Back

    Workaround:
    Even in this scenario, the vulnerability may be avoided by enabling 'UsePrivilegeSeparation'. This is done by editing the sshd_config file in /etc/ssh (depending on your OS, the config file may be located elsewhere on the server). When you have completed the change, it should look like this:
    UsePrivilegeSeparation yes
    You must restart sshd after making any changes to the sshd_config file.
    Solution:
    Upgrade to the latest version of OpenSSH. Most software vendors have their own updated versions.

    2. OpenSSH < 3.3 - Challenge-Response Buffer Overflow
    Solution: Upgrade to the latest version of OpenSSH.
    Disabling the 'ChallengeResponseAuthentication' and 'PAMAuthenticationViaKbdInt' options and restarting sshd is a short-term workaround.
    To enable privilege separation, the following configuration option must be in the sshd_config file (often located at /etc/ssh/sshd_config):
    UsePrivilegeSeparation yes
    Restart OpenSSH.
    Note that this configuration change may break some processes. Given the risk, it is advised that privilege separation be enabled regardless. If this is impossible, OpenSSH should be disabled or blocked until a patch is available.

    3. OpenSSH Buffer Management Vulnerabilities
    Workaround:
    * Enable PrivilegeSeparation in the sshd_config file.
    * Restart SSH.
    A workaround for Cisco systems is located here:
    http://www.securityfocus.com/bid/8628/solution/
    Solution:
    Upgrade to OpenSSH 3.7.1 or newer. The following link contains specific vendor information relating to upgrades:
    http://www.securityfocus.com/bid/8628/solution/
    If your vendor was not listed, please contact them directly for a patch, or at the very least, implement the aforementioned workaround.
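
An added example (not part of EdRooney's post or Scan Alert's report) for verifying the workaround settings the report lists: it reads an sshd_config the way sshd does, where the first value for a keyword wins, and flags any of the three options that is not at the workaround value. The function names and the sample config are constructed for illustration.

```shell
# Added example. sshd uses the FIRST value it reads for a keyword; keywords are
# case-insensitive and "Keyword=value" is accepted as well as "Keyword value".
sshd_effective() {   # usage: sshd_effective FILE KEYWORD
    awk -v want="$2" '
        BEGIN { want = tolower(want) }
        /^[ \t]*(#|$)/ { next }             # comments and blank lines
        tolower($1) == "match" { exit }     # lines after Match are conditional
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            n = match(line, /[ \t=]/)       # keyword ends at whitespace or "="
            if (n == 0) next
            key = tolower(substr(line, 1, n - 1))
            val = substr(line, n)
            sub(/^[ \t]*=?[ \t]*/, "", val)
            sub(/[ \t]+$/, "", val)
            if (key == want) { print val; found = 1; exit }
        }
        END { if (!found) print "unset" }
    ' "$1"
}

# Check the three settings named in the report. "unset" is flagged as well
# (assumption: the value should be stated explicitly, as defaults vary by release).
audit_sshd_workarounds() {   # usage: audit_sshd_workarounds FILE
    rc=0
    for pair in UsePrivilegeSeparation:yes ChallengeResponseAuthentication:no \
                PAMAuthenticationViaKbdInt:no; do
        key=${pair%%:*}; expect=${pair##*:}
        got=$(sshd_effective "$1" "$key")
        if [ "$got" = "$expect" ]; then echo "ok    $key $got"
        else echo "CHECK $key is '$got', workaround expects '$expect'"; rc=1; fi
    done
    return $rc
}

# Constructed sample, not from the thread: the later "yes" never takes effect.
sample_config() {
    cat <<'EOF'
Protocol 2
useprivilegeseparation no
ChallengeResponseAuthentication=no
UsePrivilegeSeparation yes
EOF
}

tmp=$(mktemp) && sample_config > "$tmp"
audit_sshd_workarounds "$tmp" || echo "review the CHECK lines"
rm -f "$tmp"
```

This checks configuration only; whether the installed package already carries the vendor's fix is a separate question.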
     
  2. chirpy

    They're all wrong. RedHat backports the fixes into their stable distribution. This is a common problem with poor automated checking solutions that don't take into account your OS.
     
  3. dezignguy

    What OS are you using? Below 3.2.1 is pretty old...

    RHEL 3 OpenSSH is at 3.6.1p2 - with the backported fixes.
     
  4. StevenC

    Yeah, as chirpy said, they are all wrong; however, Nessus 2.2 looks promising. It has the ability to log in to a server and check patches.
     