RSS Feed
Latest Updates
CVE-2016-5195: Dirty COW - Privilege escalation kernel vulnerability
Posted by Chris -'- Support Team on 23 October 2016 04:45 PM


A very serious security problem has been found in the Linux kernel. A 0-day local privilege escalation vulnerability has existed for eleven years since 2005. This bug affects all sort of of Android devices or Linux kernel to escalate privileges. Any user can become root in less than five seconds. The bug has existed since Linux kernel version 2.6.22+

A list of affected Linux distros (including VMs and containers that share the same kernel)

Red Hat Enterprise Linux 7.x
Red Hat Enterprise Linux 6.x
Red Hat Enterprise Linux 5.x
CentOS Linux 7.x
CentOS Linux 6.x
CentOS Linux 5.x
Debian Linux wheezy
Debian Linux jessie
Debian Linux stretch
Debian Linux sid
Ubuntu Linux precise (LTS 12.04)
Ubuntu Linux trusty
Ubuntu Linux xenial (LTS 16.04)
Ubuntu Linux yakkety
Ubuntu Linux vivid/ubuntu-core
SUSE Linux Enterprise 11 and 12.

Details and Fixing :

Redhat :
Debian : :

Please feel free to submit a ticket if you need help.



Read more »

eu10 went down
Posted by Chris -'- Support Team on 24 May 2016 03:32 PM


eu10 went down and our technicians are working on it.
It will be back soon.
Sorry for inconvience caused to you.


Server is back online 45 min ago.


Read more »

cPanel/WHM and WHM Plugin IP Manager version update
Posted by Chris -'- Support Team on 23 May 2016 12:48 PM

Dear Valued Clients,

We will perform cPanel/WHM version update on our USA and EU shared servers to latest release version 56.0 (build 18)
WHM Plug-in IP Manager will be updated from v2.1 to v2.2 with cPanel/WHM update.

Schedule update task : May 24, 2016 at 04h00 a.m. (EST)
There will be NO service interruption during updates.


Read more »

Important - Disabling php mail() function - need to use SMTP auth.
Posted by Chris -'- Support Team on 21 February 2016 04:10 PM

Hello ,

PHP mail function is one of the way to send out anonymously/spoofed emails. In our case we commonly use this on our contact us web forms. This mail form act as a smtp proxy, this function takes ([RECIPIENT],[SUBJECT],[MESSAGE],[EXTRAHEADERS], [EXTRAPARAMS]) as parameters. There are numerous additional fields that can be specified in the mail headers, For example 'Cc' (Carbon Copy), which sends a copy of the message to the email addresses given as arguments, 'Bcc' (Blind Carbon Copy) which sends a carbon copy of the message just like with the 'Cc' header.

How this function gets exploited ;

By entering hexadecimal characters in the form field they are able to add carriage returns and spaces. So the following string entered in a form field such as "Your Email" will result in a carbon copy of the email being sent to and a blind carbon copy being sent to and


Many sites provide the possibility to "email this page to a friend" "contact us" through a web form, the resulting email softly suggests to "visit our website" on behalf of the user that filled in the form with his personal email address. Even though the subject and the message are hardcoded, there is still a way to inject headers.

To overcome this we need to use PHPMailer libraries to send out emails and this function support SMTP authentication.

Here is an example script which uses phpmailer and smtp auth to send out emails.


$mail = new PHPMailer();

$mail->IsSMTP();                                      // set mailer to use SMTP
$mail->Host = "";  // specify main and backup server
$mail->SMTPAuth = true;     // turn on SMTP authentication
$mail->Username = "";  // SMTP username
$mail->Password = "yourpassword"; // SMTP password

$mail->From = "";
$mail->FromName = "Mailer";
$mail->AddAddress("", "My Name");        // name is optional
$mail->AddReplyTo("", "Information");

$mail->WordWrap = 50;                                 // set word wrap to 50 characters
$mail->IsHTML(true);                                  // set email format to HTML
$mail->Subject = "Here is the subject";
$mail->Body    = "This is the HTML message body <b>in bold!</b>";
$mail->AltBody = "This is the body in plain text for non-HTML mail clients";

   echo "Message could not be sent. <p>";
   echo "Mailer Error: " . $mail->ErrorInfo;

echo "Message has been sent";

To enhance the security and to eliminate the possibility of users being exploited by hackers and intruders. One of the common abuse we find is spamming. In most of the cases the users are unaware of what is happening. For preventing this, we will be disabling mail() function. The above script is just a sample, you need to modify the script/code to adopt mail sending with smtp authentication.

Please feel free to submit a ticket if you need help.

We will disable it on Sunday 04h00 (EST) 28th of February, 2016

Read more »



This is a courtesy notice to let you know about the (Linux Glibc Getaddrinfo Stack-based Buffer Overflow Zero Day Vulnerability).

A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This package contains the standard C library against which all GNU/Linux programs are linked.

Fix the Glibc Getaddrinfo vulnerability on a RHEL/CentOS Linux

Type the following yum command:

$ sudo yum clean all
$ sudo yum update

After the update is applied you need to reboot the system or restart all affected services:

Because this vulnerability affects a large amount of applications on the system, the safest and recommended way to assure every application uses the updated glibc packages is to restart the system.

In case you are unable to restart the entire system after applying the update, execute the following command to list all running processes (not restricted to services) still using the old [in-memory] version of glibc on your system.

lsof +c0 -d DEL | awk 'NR==1 || /libc-/ {print $2,$1,$4,$NF}' | column -t

From the resulting list, identify the public-facing services and restart them.

You can find more details from the links below.

If you are not running any systems on CentOS 6 or 7:
Your services are unaffected by this vulnerability.

If you have any questions, please do not hesitate to open a ticket with our helpdesk.

Read more »