The Community Forums


Security Check

Discussion in 'Security' started by cguimont, Sep 12, 2004.

  1. cguimont (Well-Known Member; joined Jul 13, 2004; 100 messages)
    Hello, I did a security check on my server and it sorted out many kinds of errors (I used Server Matrix's Nessus):

    The 'guestbook.cgi' is installed. This CGI has
    a well known security flaw that lets anyone execute arbitrary
    commands with the privileges of the http daemon (root or nobody).

    Solution : remove it from /cgi-bin.

    Risk factor : High
    CVE : CVE-1999-0237
    BID : 776
    Nessus ID : 10098

    Did cPanel update guestbook.cgi to fix that hole and Nessus is really out of the game, or is it a true problem?


    Vulnerability http (80/tcp)
    The remote host is using the Apache mod_frontpage module.

    mod_frontpage older than 1.6.1 is vulnerable to a buffer
    overflow which may allow an attacker to gain root access.

    *** Since Nessus was not able to remotely determine the version
    *** of mod_frontage you are running, you are advised to manually
    *** check which version you are running as this might be a false
    *** positive.

    If you want the remote server to be remotely secure, we advise
    you do not use this module at all.


    Solution : Disable this module
    Risk factor : High
    CVE : CAN-2002-0427
    BID : 4251
    Nessus ID : 11303

    Are there any fixes to that error?


    Vulnerability http (80/tcp)
    The remote host is using a version of OpenSSL which is
    older than 0.9.6m or 0.9.7d

    There are several bug in this version of OpenSSL which may allow
    an attacker to cause a denial of service against the remote host.

    *** Nessus solely relied on the banner of the remote host
    *** to issue this warning

    Solution : Upgrade to version 0.9.6m (0.9.7d) or newer
    Risk factor : Medium
    CVE : CAN-2004-0079, CAN-2004-0081, CAN-2004-0112
    BID : 9899
    Other references : IAVA:2004-B-0006
    Nessus ID : 12110


    I am at the latest version of it (through up2date).

    And here is the error with SSH:

    You are running a version of OpenSSH which is older than 3.7.1

    Versions older than 3.7.1 are vulnerable to a flaw in the buffer management
    functions which might allow an attacker to execute arbitrary commands on this
    host.

    An exploit for this issue is rumored to exist.


    Note that several distribution patched this hole without changing
    the version number of OpenSSH. Since Nessus solely relied on the
    banner of the remote SSH server to perform this check, this might
    be a false positive.

    If you are running a RedHat host, make sure that the command :
    rpm -q openssh-server

    Returns :
    openssh-server-3.1p1-13 (RedHat 7.x)
    openssh-server-3.4p1-7 (RedHat 8.0)
    openssh-server-3.5p1-11 (RedHat 9)

    Solution : Upgrade to OpenSSH 3.7.1

    I tried to update with up2date but it didn't work.

    Server: RH Enterprise 3
    cPanel: WHM 1.9.8 Current_13

    Would it help to update the kernel??? Version: kernel-2.4.21-4.EL


    Thanks
     
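The manual check the Nessus text recommends (compare the installed openssh-server RPM against the release that carries the backported fix for your Red Hat version) can be scripted so the banner-based finding is confirmed or dismissed from package data rather than the SSH banner. This is an added example, not part of the thread; the patched-release table is taken from the Nessus output quoted above, and the sample package string is constructed so the script runs without calling rpm.

```shell
#!/bin/sh
# Added example: classify a banner-based Nessus OpenSSH finding as patched or
# vulnerable by comparing the installed openssh-server RPM with the release
# Nessus lists as carrying the backport. Sample package string is constructed.

# fixed_release DISTRO -> package name-version-release that includes the backport
fixed_release() {
  case "$1" in
    rh7) echo "openssh-server-3.1p1-13" ;;
    rh8) echo "openssh-server-3.4p1-7" ;;
    rh9) echo "openssh-server-3.5p1-11" ;;
    *)   return 1 ;;
  esac
}

# verrel PKG -> trailing "version-release" of an rpm name such as
# openssh-server-3.5p1-11 (the last two dash-separated fields)
verrel() {
  printf '%s\n' "$1" | sed 's/^.*-\([^-]*-[^-]*\)$/\1/'
}

# vercmp A B -> exit 0 when A >= B; every run of digits is compared numerically
# ("3.5p1-11" is read as 3 5 1 11), so 3.5p1-11 beats 3.5p1-6 and 3.4p1-7
vercmp() {
  awk -v a="$1" -v b="$2" 'BEGIN {
    na = split(a, A, "[^0-9]+"); nb = split(b, B, "[^0-9]+")
    n = (na > nb) ? na : nb
    for (i = 1; i <= n; i++) {
      x = A[i] + 0; y = B[i] + 0
      if (x != y) exit (x > y ? 0 : 1)
    }
    exit 0
  }'
}

# check_backport DISTRO PKG -> prints "patched" or "vulnerable";
# PKG is what `rpm -q openssh-server` prints on the host being checked
check_backport() {
  fixed=$(fixed_release "$1") || { echo "unknown distro: $1" >&2; return 2; }
  if vercmp "$(verrel "$2")" "$(verrel "$fixed")"; then
    echo patched
  else
    echo vulnerable
  fi
}

# Constructed sample: what an up-to-date RedHat 9 host would report.
# On a real host run: check_backport rh9 "$(rpm -q openssh-server)"
SAMPLE_PKG="openssh-server-3.5p1-11"
echo "$SAMPLE_PKG -> $(check_backport rh9 "$SAMPLE_PKG")"
```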
  2. StevenC (Well-Known Member; joined Jan 1, 2004; 254 messages)
    Red Hat backports patches into old versions of software, so your OpenSSL and OpenSSH are fine. Your kernel is outdated, however; I would upgrade that. Your FrontPage is fine; I believe cPanel patches an old version.
     
  3. cguimont (Well-Known Member; joined Jul 13, 2004; 100 messages)
    The following packages you requested are already updated:
    kernel
    kernel-source
    kernel-utils
    ???
     
  4. flash7 (Well-Known Member; joined Feb 16, 2004; 203 messages)
    Try this:

    up2date -u -f kernel

    The last version is 2.4.21-20.EL.
     
    #4 flash7, Sep 13, 2004
    Last edited: Sep 13, 2004