The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Security Advisory: ProFTPD

Discussion in 'Security' started by MattDees, May 9, 2005.

  1. MattDees

    MattDees cPanel Product Owner
    Staff Member

    Joined:
    Apr 29, 2005
    Messages:
    417
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Due to a vulnerability in ProFTPD we are advising that everyone use PureFTPd untill we roll out a patch. The patch will be rolled out as soon as we possible can (I will post in this thread when we do so)
     
  2. eth00

    eth00 Well-Known Member
    PartnerNOC

    Joined:
    Mar 30, 2003
    Messages:
    723
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    NC
    cPanel Access Level:
    Root Administrator
    Thanks for the info, just talked with Billy and he confirmed this is an issue.

    *edit* now matt is atleast on the staff group so looks legit.
     
  3. jamesbond

    jamesbond Well-Known Member

    Joined:
    Oct 9, 2002
    Messages:
    738
    Likes Received:
    1
    Trophy Points:
    18
  4. qwerty

    qwerty Well-Known Member

    Joined:
    Jan 21, 2003
    Messages:
    213
    Likes Received:
    0
    Trophy Points:
    16
  5. cPanelBilly

    cPanelBilly Guest

    We are still waiting on the full testing to be done as soon as it is it will be rolled out to the rest as soon as testing is done.
     
  6. KatieBuller

    KatieBuller BANNED

    Joined:
    May 10, 2005
    Messages:
    65
    Likes Received:
    0
    Trophy Points:
    0
    Can I have an update on the testing, please.
     
  7. cPanelBilly

    cPanelBilly Guest

    It is currently in:
    BETA, EDGE, CURRENT

    If all goes well it will be in RELEASE monday and then STABLE on wed.
     
  8. knipper

    knipper Well-Known Member

    Joined:
    Sep 4, 2001
    Messages:
    107
    Likes Received:
    0
    Trophy Points:
    16
    Hey all...
    I am currently running WHM 10.1.0 cPanel 10.2.0-R82 and when updates ran last night it completely broke proftd ( I hadn't seen this thread so no change was made)

    Was proftpd disabled by cPanel, or was a patch implemented which caused problems for me?

    I am going to change now to pure-ftpd and see if ftpd will run. Anyone else have issues today?
     
  9. knipper

    knipper Well-Known Member

    Joined:
    Sep 4, 2001
    Messages:
    107
    Likes Received:
    0
    Trophy Points:
    16
    OK.... looks like I have a problem. I tried twice to switch from proftpd to pure-ftpd via the Tweak FTP menu within WHM. When I click to "switch to pure-ftpd" I get the normal page loading, etc. But it seems to just hang... first time I let it go about 10 mins.... tried to restart ftpd but didn't work.

    Tried to use the switch button again.... this time waited 15-20mins to no avail.

    What would the command be (for the script) to switch from within shell/root so I can see whats happening?

    Thanks in advance.
     
  10. eth00

    eth00 Well-Known Member
    PartnerNOC

    Joined:
    Mar 30, 2003
    Messages:
    723
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    NC
    cPanel Access Level:
    Root Administrator
    /scripts/ftpup
    will update the ftpd
     
  11. knipper

    knipper Well-Known Member

    Joined:
    Sep 4, 2001
    Messages:
    107
    Likes Received:
    0
    Trophy Points:
    16
    Thanks eth00...

    Looks like it didin't need to do it after all via root. When I logged in I first took a look at the logs, and saw one of my clients had logged in via pure-ftpd just minutes before and was successfull. I ran a couple FTP log-in tests and it seemed to be working.

    I went back to WHM, to tweak FTP and it showed Pure-ftpd was now being used.

    Just not sure why to took so long in WHM, and never did actually see any type of success message.
     
  12. DogTags

    DogTags Active Member

    Joined:
    Mar 10, 2002
    Messages:
    33
    Likes Received:
    0
    Trophy Points:
    6
    Just checkin in to see if the stable patch has been rolled out

    Thanks :)
     
  13. PbG

    PbG Well-Known Member

    Joined:
    Mar 11, 2003
    Messages:
    241
    Likes Received:
    0
    Trophy Points:
    16
    Why isn't this NOTICE in WHM news?? Furthermore why can't we select whether we want news or icons to load by default?
     
  14. Aric1

    Aric1 Well-Known Member

    Joined:
    Oct 15, 2003
    Messages:
    324
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    DataCenter Provider
    You should make your requests in bugzilla, so they have them on record.

    The WHM news is almost never updated.

    Aric
     
  15. PbG

    PbG Well-Known Member

    Joined:
    Mar 11, 2003
    Messages:
    241
    Likes Received:
    0
    Trophy Points:
    16
    I did that too.

     
Loading...

Share This Page