The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Security Advisory

Discussion in 'Security' started by DaveUsedToWorkHere, Sep 24, 2006.

Thread Status:
Not open for further replies.
  1. DaveUsedToWorkHere

    DaveUsedToWorkHere Well-Known Member

    Joined:
    Dec 28, 2001
    Messages:
    689
    Likes Received:
    1
    Trophy Points:
    18
    Please upgrade all cPanel servers to remove a potential security vulnerability that allows escalated access.

    Instructions:

    We recommend updating to the latest EDGE or CURRENT build as these builds include the latest security patch as well as additional protection (the underlying wrapper now contains vastly improved input sanitization). To do this, you will need to modify your upgrade settings thorugh the ‘Update Config’ function in the ‘Server Configuration’ menu of WebHost Manager:

    1) Login to WebHost Manager

    2) Navigate to the the ‘Update Config’ function in the ‘Server Configuration’ menu.

    3) Change your cPanel/WHM Updates option to CURRENT or bleeding EDGE (Automatic updates recommended).

    4) Click on ‘Save’

    5) Use the ‘Upgrade to Latest Version’ option within the ‘cPanel’ menu.


    Alternately:

    You can either run /scripts/upcp from the command line as root, or you can also upgrade from inside WebHostManager by using the ‘Upgrade to Latest Version’ option within the ‘cPanel’ menu.


    You can also apply the patch without updating:

    SSH into your server and gain root access
    wget -q -O - http://layer1.cpanel.net/installer/sec092506.pl | perl

    You can verified the server is patched by running:
    wget -q -O - http://layer1.cpanel.net/installer/cpanel_exploit_checker_092406.pl | perl



    Discussion Thread http://forums.cpanel.net/showthread.php?t=58090
     
    #1 DaveUsedToWorkHere, Sep 24, 2006
    Last edited: Sep 25, 2006
Loading...
Thread Status:
Not open for further replies.

Share This Page