SOLVED ** IP Manager problem with latest cPanel/WHM version
Posted by Chris -'- Support Team on 28 January 2016 03:26 PM

Dear Valued Clients,

Thanks for your patience.
IP Manager issue has been resolved.

Thanks for your cooperation.

++++++++

Dear Valued Clients,

Some servers were auto-updated to the latest cPanel/WHM version, which is causing a problem with the IP Manager plug-in.
Please feel free to submit a ticket when you need to change the IP address of your domain(s) via the billing portal. Our techs will do the needful.

Joomla Security Update
Posted by Frank -'- Support Team on 16 December 2015 10:24 AM

Hello,

An update for Joomla was just released to address a serious security vulnerability, and we strongly recommend that you update Joomla as soon as possible.

Severity: High
Affected Versions: Joomla CMS versions 1.5.0 through 3.4.5
Exploit type: Remote Code Execution
Reported Date: 2015-December-13
Fixed Date: 2015-December-14

Solution: Upgrade to version 3.4.6

Please visit the official link for more information.

Official Link: https://developer.joomla.org/security-centre/630-20151214-core-remote-code-execution-vulnerability.html

WordPress 4.3.1 Security and Maintenance Release.
Posted by Frank -'- Support Team on 16 September 2015 11:37 AM

WordPress 4.3.1 is now available.

This is a security release for all previous versions and we strongly encourage you to update your sites immediately.

WordPress 4.3.1 addresses three issues, including two cross-site scripting vulnerabilities and a potential privilege escalation. WordPress versions 4.3 and earlier are vulnerable to a cross-site scripting vulnerability when processing shortcode tags (CVE-2015-5714). A separate cross-site scripting vulnerability was found in the user list table. Discovered by Ben Bidner of the WordPress security team. Finally, in certain cases, users without proper permissions could publish private posts and make them sticky (CVE-2015-5715).

WordPress 4.3.1 also fixes 26 bugs from 4.3.

Download WordPress 4.3.1 or venture over to Dashboard → Updates and simply click “Update Now.” Sites that support automatic background updates are already beginning to update to WordPress 4.3.1.

For more information, see the release notes or consult the list of changes.

Official link: https://wordpress.org/news/2015/09/wordpress-4-3-1/

WordPress 4.2.4 Security and Maintenance Release
Posted by Chris -'- Support Team on 04 August 2015 04:25 PM

WordPress 4.2.4 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.

This release addresses six issues, including three cross-site scripting vulnerabilities and a potential SQL injection that could be used to compromise a site, which were discovered by Marc-Alexandre Montpas of Sucuri, Helen Hou-Sandí of the WordPress security team, Netanel Rubin of Check Point, and Ivan Grigorov. It also includes a fix for a potential timing side-channel attack, discovered by Johannes Schmitt of Scrutinizer, and prevents an attacker from locking a post from being edited, discovered by Mohamed A. Baset.

Our thanks to those who have practiced responsible disclosure of security issues.

WordPress 4.2.4 also fixes four bugs. For more information, see the release notes or consult the list of changes.

Download WordPress 4.2.4 or venture over to Dashboard → Updates and simply click “Update Now.” Sites that support automatic background updates are already beginning to update to WordPress 4.2.4.

CentOS Vulnerability :: libuser vulnerabilities
Posted by Chris -'- Support Team on 01 August 2015 06:22 AM

libuser vulnerabilities


Vulnerability Info:
https://securityblog.redhat.com/2015/07/23/libuser-vulnerabilities/

It was discovered that the libuser library contains two vulnerabilities which, in combination, allow unprivileged local users to gain root privileges. libuser is a library that provides read and write access to files like /etc/passwd, which constitute the system user and group database. On Red Hat Enterprise Linux it is a central system component.


What is being disclosed today?

Qualys reported two vulnerabilities:

CVE-2015-3245: The userhelper program allows local users to add linefeeds in the middle of records to /etc/passwd, corrupting the file.
CVE-2015-3246: libuser uses a non-standard way of updating /etc/passwd and related files. Its locking is incompatible with the rest of the system, and the files are rewritten in place, which means that the system may observe incorrect data.

It turns out that the CVE-2015-3246 vulnerability, by itself or in conjunction with CVE-2015-3245, can be exploited by an unprivileged local user to gain root privileges on an affected system. However, due to the way libuser works, only users who have accounts already listed in /etc/passwd can exploit this vulnerability, and the user needs to supply the account password as part of the attack. These requirements mean that exploitation by accounts listed only in LDAP (or some other NSS data source) or by system accounts without a valid password is not possible. Further analysis showed that the first vulnerability, CVE-2015-3245, is also due to a missing check in libuser. Qualys has disclosed full technical details in their security advisory posted to the oss-security mailing list.
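The corruption CVE-2015-3245 describes is a line feed written into a passwd field, which ends the record early and leaves a stray partial record behind. The following Python is an added example for this advisory (not code from libuser, Red Hat, or the hosting provider): it shows the kind of value check the advisory says the fixed libuser applies before writing a field, and a parser that flags records that have already been split. The passwd content in it is constructed sample data.

```python
from __future__ import annotations

# Added example for this advisory; not code from libuser, Red Hat, or the host.
# It checks passwd-style records for the corruption CVE-2015-3245 describes: a
# line feed inside a field ends the record early and leaves a stray partial
# record behind. The passwd content below is constructed sample data.

PASSWD_FIELDS = ("name", "passwd", "uid", "gid", "gecos", "dir", "shell")

# Constructed sample: a clean three-account file, and the same file after a
# line feed was written into alice's GECOS field.
CLEAN_PASSWD = (
    "root:x:0:0:root:/root:/bin/bash\n"
    "bin:x:1:1:bin:/bin:/sbin/nologin\n"
    "alice:x:1000:1000:Alice Smith:/home/alice:/bin/bash\n"
)
CORRUPT_PASSWD = CLEAN_PASSWD.replace("Alice Smith", "Alice\nSmith")


def check_field_value(value: str) -> list[str]:
    """Problems with a value proposed for one passwd field.

    This is the kind of check the advisory says the fixed libuser applies
    before writing user-supplied text (GECOS, shell): a line break would split
    the record, a colon would shift the remaining fields, and a NUL would
    truncate the C string the file is parsed into.
    """
    problems = []
    if "\n" in value or "\r" in value:
        problems.append("contains a line break")
    if ":" in value:
        problems.append("contains a field separator")
    if "\0" in value:
        problems.append("contains NUL")
    return problems


def parse_passwd(text: str) -> tuple[list[dict], list[str]]:
    """Parse passwd content; return (well-formed records, error messages)."""
    records: list[dict] = []
    errors: list[str] = []
    seen_names: set[str] = set()
    for lineno, line in enumerate(text.split("\n"), 1):
        if line == "":
            continue  # trailing newline or blank line
        parts = line.split(":")
        if len(parts) != len(PASSWD_FIELDS):
            # A record split by an injected line feed shows up here as two
            # short lines, neither of which has the expected seven fields.
            errors.append(f"line {lineno}: expected 7 fields, got {len(parts)}: {line!r}")
            continue
        rec = dict(zip(PASSWD_FIELDS, parts))
        try:
            rec["uid"] = int(rec["uid"])
            rec["gid"] = int(rec["gid"])
        except ValueError:
            errors.append(f"line {lineno}: non-numeric uid/gid: {line!r}")
            continue
        if rec["name"] in seen_names:
            errors.append(f"line {lineno}: duplicate user name {rec['name']!r}")
            continue
        seen_names.add(rec["name"])
        records.append(rec)
    return records, errors


if __name__ == "__main__":
    for label, content in (("clean", CLEAN_PASSWD), ("corrupt", CORRUPT_PASSWD)):
        recs, errs = parse_passwd(content)
        print(f"{label}: {len(recs)} records, {len(errs)} errors")
        for e in errs:
            print("  ", e)
```

Run against a real file by passing the contents of /etc/passwd to parse_passwd; a clean file yields no errors, and a record split by a line feed surfaces as two consecutive short lines.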


Which system components are affected by these vulnerabilities?

libuser is a library, which means that in order to exploit it, a program which employs it must be used. Ideally, such a program has the following properties:

It uses libuser.
It is SUID-root.
It allows putting almost arbitrary content into /etc/passwd.

Without the third item, exploitation may still be possible, but it will be much more difficult. If the program is not SUID-root, a user will not have unlimited attempts to exploit the race condition. A survey of programs processing /etc/passwd and related files presents this picture:

passwd is SUID-root, but it uses PAM to change the password, which has custom code to modify /etc/passwd not affected by the race condition. The account locking functionality in passwd does use libuser, but it is restricted to root.
chsh from util-linux is SUID-root and uses libuser to change /etc/passwd (the latter depending on how util-linux was compiled), but it has fairly strict filters controlling what users can put into these files.
lpasswd, lchfn, lchsh and related utilities from libuser are not SUID-root.
userhelper (in the usermode package) and chfn (in the util-linux package) have all three qualifications: libuser-based, SUID-root, and lack of filters.

This is why userhelper and chfn are plausible targets for exploitation, and other programs such as passwd and chsh are not.


How can these vulnerabilities be addressed?

System administrators can apply updates from their operating system vendor. Details of affected Red Hat products and security advisories are available in the knowledge base article on the Red Hat Customer Portal. This security update will change libuser to apply additional checks to the values written to the user and group files (so that injecting newlines is no longer possible), and replace the locking and file update code to follow the same procedures as the rest of the system. The first change is sufficient to prevent newline injection with userhelper as well, which means that only libuser needs to be updated. If software updates are not available or cannot be applied, it is possible to block access to the vulnerable functionality with a PAM configuration change. System administrators can edit the files /etc/pam.d/chfn and /etc/pam.d/chsh and block access to non-root users by using pam_warn (for logging) and pam_deny:

#%PAM-1.0
auth sufficient pam_rootok.so
auth required pam_warn.so
auth required pam_deny.so
auth include system-auth
account include system-auth
password include system-auth
session include system-auth

This will prevent users from changing their login shells and their GECOS field. userhelper identifies itself to PAM as “chfn”, which means this change is effective for this program as well.
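Why the three lines are ordered as they are: pam_rootok is marked sufficient so root skips the rest of the auth stack, pam_warn comes before pam_deny so the attempt is logged before it is refused, and because pam_deny is required rather than requisite, the included system-auth modules still run, so a non-root user sees the usual password prompt and is only told at the end that authentication failed. The following Python is an added example (not from the advisory and not Linux-PAM code) that models that evaluation for the auth section of the stack above and for the default stack without the two extra lines. It assumes a simplified control-flag model: only required, sufficient and include are handled, and "include system-auth" is treated as a single required module that succeeds when the password is correct.

```python
from __future__ import annotations

from dataclasses import dataclass, field

# Added example, not Linux-PAM code: a simplified model of how the auth stack
# from the advisory's /etc/pam.d/chfn is evaluated. Assumptions: only the
# required/sufficient/include control flags are modelled, and the included
# system-auth file is collapsed into one required "password check" module.

PAM_SUCCESS, PAM_AUTH_ERR = "success", "auth_err"

# The auth section of the hardened file shown in the advisory.
HARDENED_AUTH_STACK = [
    ("sufficient", "pam_rootok.so"),
    ("required", "pam_warn.so"),
    ("required", "pam_deny.so"),
    ("include", "system-auth"),
]

# Constructed baseline: the same stack without the pam_warn/pam_deny lines.
DEFAULT_AUTH_STACK = [
    ("sufficient", "pam_rootok.so"),
    ("include", "system-auth"),
]


@dataclass
class Session:
    uid: int            # uid of the calling user
    password_ok: bool   # whether the password they would type is correct
    log: list[str] = field(default_factory=list)  # what syslog would receive


def run_module(name: str, sess: Session) -> str:
    """Return the result of one module for this session (simplified)."""
    if name == "pam_rootok.so":
        return PAM_SUCCESS if sess.uid == 0 else PAM_AUTH_ERR
    if name == "pam_warn.so":
        sess.log.append(f"pam_warn: auth attempt uid={sess.uid}")
        return PAM_SUCCESS
    if name == "pam_deny.so":
        return PAM_AUTH_ERR
    if name == "system-auth":
        sess.log.append("system-auth: password prompted")
        return PAM_SUCCESS if sess.password_ok else PAM_AUTH_ERR
    raise ValueError(f"unknown module {name}")


def run_stack(stack: list[tuple[str, str]], sess: Session) -> str:
    """Evaluate a stack with simplified Linux-PAM control-flag semantics."""
    failed = False
    for control, name in stack:
        result = run_module(name, sess)
        if control == "sufficient":
            # Success ends the stack, unless an earlier required module failed;
            # a failing sufficient module is simply ignored.
            if result == PAM_SUCCESS and not failed:
                return PAM_SUCCESS
        elif control in ("required", "include"):
            # Failure is remembered, but the remaining modules still run so the
            # caller cannot tell from the prompts which module refused them.
            if result != PAM_SUCCESS:
                failed = True
        else:
            raise ValueError(f"control flag {control} not modelled")
    return PAM_AUTH_ERR if failed else PAM_SUCCESS


def authenticate(stack, uid: int, password_ok: bool) -> tuple[str, list[str]]:
    """Run the stack for a caller and return (result, log lines)."""
    sess = Session(uid=uid, password_ok=password_ok)
    return run_stack(stack, sess), sess.log


if __name__ == "__main__":
    for label, stack in (("hardened", HARDENED_AUTH_STACK), ("default", DEFAULT_AUTH_STACK)):
        for uid in (0, 1000):
            result, log = authenticate(stack, uid, password_ok=True)
            print(f"{label:8} uid={uid:<5} -> {result:8} log={log}")
```

With the hardened stack, root is accepted at pam_rootok without being logged or prompted, while a non-root user with the correct password is logged by pam_warn, still prompted by system-auth, and refused; with the default stack the same user is accepted.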
