Posted by ProCOM on March 17, 2008 – 7:38 pm
SECURITY ADVISORY: Official Horde Update to 3.1.7 and upgrades to cPanel’s PHP application security model available in cPanel builds 11.18.3 and 11.19.3.
———————-
Summary:
The Horde webmail application framework has been updated to 3.1.7. Upgrades have been made in cPanel’s PHP application security model.
Description:
The Horde webmail application framework has been updated to 3.1.7, which carries the official fix for the previously announced arbitrary file inclusion vulnerability. cPanel has also upgraded its PHP application security model for Horde, PHPMyAdmin, and PHPPGAdmin. These upgrades are intended to minimize or mitigate as-yet-undiscovered vulnerabilities in these third-party applications when they run within a cPanel installation.
Fix Details:
It is recommended that all cPanel servers running Horde be updated to either cPanel 11.18.3 or cPanel 11.19.3. If you do not wish to update cPanel, it is strongly recommended that you keep Horde disabled until these updates have been applied. You can disable Horde on your cPanel system by unchecking WHM -> Server Configuration -> Tweak Settings -> Mail -> Horde Webmail and saving the page with the new settings.
You can check your current version of cPanel by executing:
/usr/local/cpanel/cpanel -V
Updates can be run via the following command executed from a root shell:
/scripts/upcp
Updates can be run through WHM as well. Log in to WHM, then select cPanel -> Upgrade to Latest Version -> Click to Upgrade.
References:
http://lists.horde.org/archives/announce/2008/000382.html
Credits:
cPanel would also like to thank Jeff Petersen and Rob Brown for the additional security information provided with regards to this update.
Posted by ProCOM on March 17, 2008 – 7:38 pm
Subject: SECURITY ALERT: Horde arbitrary file inclusion vulnerability
An arbitrary file inclusion vulnerability has been discovered in the Horde webmail application. At present, we can confirm that the vulnerability affects Horde 3.1.6 and earlier. Based on incomplete information at this time, we also believe it affects Horde Groupware 1.0.4 and earlier (cPanel does not use Horde Groupware at this time).
cPanel customers should update their cPanel and WHM servers immediately to prevent any chance of compromise. The patch will be available in builds 11.18.2 and greater (or 11.19.2 and greater for EDGE systems). The updated builds will be available immediately to all fast update servers. The builds will be available to all other update servers within one hour of this posting.
To check which version of cPanel and WHM is on your server, simply log into WebHost Manager (WHM) and look in the top right corner, or execute the following command from the command line as root:
/usr/local/cpanel/cpanel -V
You can upgrade your server by navigating to ‘cPanel’ -> ‘Upgrade to Latest Version’ in WebHost Manager or by executing the following from the command line as root:
/scripts/upcp
It is recommended that all use of Horde 3.1.6 and earlier be stopped (on cPanel and non-cPanel systems alike) until Horde updates can be applied. You can disable Horde on your cPanel system by unchecking the box next to ‘Server Configuration’ -> ‘Tweak Settings’ -> ‘Mail’ -> ‘Horde Webmail’ within WHM, and saving the page with the new settings.
We would like to thank HostGator for providing the initial details in their report of this vulnerability.
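Both advisories above give the same two-step check: read the build with /usr/local/cpanel/cpanel -V, then run /scripts/upcp if the build predates the fix. The script below is an added example, not cPanel's own tooling. It parses a version string of the form the advisories quote (assumed to begin with major.minor.patch, as in the constructed sample 11.18.3-STABLE_22106; the build suffixes are made up) and reports whether the build is older than the fixed build for its branch, 11.18.3 or 11.19.3 per the update advisory. Builds on branches later than 11.19 are assumed to carry the fix, and a string that cannot be parsed is reported as unpatched rather than silently passed.

```shell
#!/bin/sh
# Added example (not cPanel's own tooling): decide whether a cPanel/WHM build
# still predates the Horde 3.1.7 fix. Fixed builds per the advisory are
# 11.18.3 (STABLE/RELEASE branch) and 11.19.3 (EDGE branch). Anything on a
# later branch is assumed to include the fix.

# Print "major minor patch" from a version string. The input format is an
# assumption: the string is taken to begin with a dotted triplet, as in the
# constructed sample "11.18.3-STABLE_22106". Prints nothing if it does not.
cpanel_version_triplet() {
    printf '%s\n' "$1" |
        sed -n 's/^[^0-9]*\([0-9][0-9]*\)\.\([0-9][0-9]*\)\.\([0-9][0-9]*\).*$/\1 \2 \3/p'
}

# Exit 0 when the build needs the update, 1 when it already carries the fix.
# Unparseable input is treated as unpatched, so a broken check never reports
# a server as safe.
cpanel_needs_horde_fix() {
    set -- $(cpanel_version_triplet "$1")
    [ $# -eq 3 ] || return 0
    major=$1; minor=$2; patch=$3
    if [ "$major" -lt 11 ]; then return 0; fi
    if [ "$major" -gt 11 ]; then return 1; fi
    case "$minor" in
        18|19) [ "$patch" -ge 3 ] && return 1 || return 0 ;;   # fixed at x.3 on both branches
        *)     [ "$minor" -gt 19 ] && return 1 || return 0 ;;  # older branch: update; newer: assumed fixed
    esac
}

# Human-readable verdict for one version string.
horde_fix_status() {
    if cpanel_needs_horde_fix "$1"; then
        echo "VULNERABLE: $1 predates the fixed build; run /scripts/upcp and keep Horde disabled until it completes"
    else
        echo "PATCHED: $1"
    fi
}

# On a real server:  horde_fix_status "$(/usr/local/cpanel/cpanel -V)"
# Demo over constructed version strings:
for v in "11.18.2-STABLE_21703" "11.18.3-STABLE_22106" \
         "11.19.2-EDGE_21802"   "11.19.3-EDGE_22120"   \
         "11.17.0-RELEASE_20300" "not-a-version"; do
    horde_fix_status "$v"
done
```

The branch split matters: 11.19.2 is numerically higher than 11.18.3 but is the unfixed EDGE build, so a plain "greater than 11.18.3" comparison would wrongly pass it.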
Posted by ProCOM on March 17, 2008 – 7:38 pm
For the third year running, cPanel will be holding its annual conference in Houston, Texas, from June 11 to 13. This year's conference promises to be more in depth, with more advanced topics than in previous years. There will be guest speakers, and in addition to cPanel developers, cPanel techs will be on hand to provide live, in-person technical support. There will also be a panel discussion with some of cPanel's developers and techs. With the release of cPanel Server Suite for Windows scheduled for spring, the conference will have several sessions geared towards the new product and how it will enhance Windows-based hosting operations.
Conference registration is once again very reasonable at $60.00 USD per attendee. Attendees will be able to meet vendors and producers of software plugins that work with cPanel as well as service providers that deploy cPanel. As the host of the conference, cPanel will be providing a cocktail reception with a top shelf open bar on the evening of the 11th as well as a sumptuous dinner for all attendees and vendors on the 12th. Lunch and breakfast will also be provided both days.
For more information, please visit the conference site located at http://conference.cpanel.net/
cPanel is pleased to announce the 2008 cPanel Conference! For the third consecutive year, cPanel will be holding its annual conference in Houston, Texas, June 11 through June 13, 2008. This year's conference promises to be more in depth, including more advanced topics than in previous years. There will be guest speakers in addition to cPanel Developers. Also taking place will be panel discussions with some of cPanel's Developers and Technical Support Specialists.
Further details and the conference site will follow shortly.
Posted by ProCOM on March 17, 2008 – 7:38 pm
cPanel announced today that its security team has identified several key components of a hack known as the Random JavaScript Toolkit. The affected systems appear to be Linux® based and run a number of different hosting platforms. While the compromise is not believed to be specific to systems running cPanel® software, cPanel has worked with a number of hosting providers and server owners to investigate it.
The cPanel Security Team has found that the vast majority of affected systems were initially accessed over SSH, with no indication of brute force or of exploitation of the SSH service itself. Despite non-trivial passwords, intermediary users and non-standard ports, the attacker gains access to the affected servers without a single password failure. A majority of the affected servers also come from a single, undisclosed data center, and all of them have password-based authentication enabled. Based on these findings, the cPanel Security Team believes that the attacker holds a database of root login credentials for a large group of Linux servers. Once the attacker has manually logged in, they download, compile, and run a log-cleaning script to hide their tracks; download a customized rootkit based on Boxer version 0.99 beta 3; and finally search for files containing credit-card-related strings such as cvc, cvv, and authorize.
The rootkit itself has been the subject of much speculation. The cPanel Security Team asserts that the Boxer variant includes a small web server, which is how the JavaScript is distributed to unsuspecting visitors of any website on the server. The JavaScript include is believed to be injected into the HTML after Apache® has served the file but before it travels over TCP back to the visitor. The web server is not written to disk; it is loaded directly into memory from the infected Boxer binaries. More information about the infected binaries can be found at: http://www.cpanel.net/security/notes/random_js_toolkit.html.
The JavaScript loaded from this web server sends visitors to another server, which probes the visitor's browser for a number of known vulnerabilities; these are then exploited to add the visitor's machine to a botnet. More information about the JavaScript hacks can be found at:
http://www.finjan.com/Pressrelease.aspx?id=1820&PressLan=1819&lan=3.
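Because the toolkit rewrites the HTML after Apache has served the file, a static page fetched from outside the server will differ from the file on disk even though the file itself is untouched. The script below is an added example, not cPanel's code and not part of its cleanup notes. It compares a file on disk with the same page as received by a remote client and prints the served lines that load script but are absent from the disk copy. The page contents are constructed samples and the injected host name is a placeholder, not an indicator from the real incident; on a real server the served copy would come from a fetch made on another machine, e.g. curl -s http://www.example.com/index.html > served.html. Only static pages are comparable this way, since dynamically generated pages differ for legitimate reasons.

```shell
#!/bin/sh
# Added example (not cPanel's code): detect markup injected between Apache and
# the wire by comparing a static file on disk with the same page as received
# by a remote client.

# $1 = file on disk, $2 = body received by a remote client (saved to a file).
# Prints every served line that is absent from the disk copy and loads script.
# Exit 0 when such a line exists (injection suspected), 1 when the served copy
# contains no script line that the disk copy lacks.
find_injected_script() {
    grep -v -x -F -f "$1" "$2" | grep -i '<script'
}

# Demo on constructed pages: a clean served copy and one with a remote script
# tag spliced in just before </body>. Exit 0 when the tampered copy is flagged
# and the clean copy is not.
demo_injection_check() {
    disk=$(mktemp); clean=$(mktemp); tampered=$(mktemp)
    cat > "$disk" <<'EOF'
<html>
<head><title>Welcome</title></head>
<body>
<p>Hello</p>
<script src="/js/site.js"></script>
</body>
</html>
EOF
    cp "$disk" "$clean"
    # Constructed injection; "attacker.invalid" is a placeholder host, not a real IOC.
    sed 's#</body>#<script src="http://attacker.invalid/r.js"></script></body>#' "$disk" > "$tampered"

    echo "== tampered copy =="
    if find_injected_script "$disk" "$tampered"; then flagged=1; else flagged=0; fi
    echo "== clean copy =="
    if find_injected_script "$disk" "$clean"; then clean_flagged=1; else clean_flagged=0; fi
    rm -f "$disk" "$clean" "$tampered"
    [ "$flagged" -eq 1 ] && [ "$clean_flagged" -eq 0 ]
}

demo_injection_check
```

The site's own /js/site.js include is not reported because that line exists verbatim on disk; the injected include is reported even though it was appended to an existing line rather than added as a new one, since the whole line no longer matches. Widen the final filter (for example to '<script\|<iframe') if the variant you are looking at injects something other than a script tag.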
Cleaning the Random JavaScript Toolkit requires booting the server into single-user mode and removing all infected binaries. More details on how to do this can be found at: http://www.cpanel.net/security/notes/random_js_toolkit.html. Because the cPanel Security Team believes the attacker holds a database of login credentials, the only way to prevent a repeat compromise is to change the password and not disclose it to anyone. The preferred method, however, is to move to SSH keys and remove password authentication altogether.
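The advice above (move to SSH keys, remove password authentication) can be checked against a server's sshd_config rather than taken on trust. The script below is an added example, not cPanel's. It reads the file the way sshd does, taking the first uncommented value of each keyword, and flags the settings that still let a stolen password log in, including ChallengeResponseAuthentication, which lets PAM prompt for a password even when PasswordAuthentication is off. Where a keyword is absent it assumes the OpenSSH defaults of the period (PasswordAuthentication yes, ChallengeResponseAuthentication yes, PermitRootLogin yes, PubkeyAuthentication yes); Match blocks and Include directives are not evaluated, and only the "keyword value" form is parsed. The weak and hardened configs are constructed samples.

```shell
#!/bin/sh
# Added example (not cPanel's): audit sshd_config for settings that still
# accept a password, the credential class the toolkit's operators were
# believed to hold.

# Print the value sshd will use for keyword $1 in file $2. sshd takes the
# FIRST uncommented occurrence, so a hardening line appended at the bottom of
# a file that already sets the keyword near the top has no effect; this
# function reproduces that rule. Scanning stops at a Match block (its values
# are conditional), Include is not followed, and only "keyword value" syntax
# is handled. Prints nothing when the keyword is absent.
sshd_effective() {
    awk -v key="$(printf '%s' "$1" | tr 'A-Z' 'a-z')" '
        NF == 0 || $1 ~ /^#/      { next }                      # blank or comment
        tolower($1) == "match"    { exit }                      # conditional section
        tolower($1) == key        { print tolower($2); exit }   # first value wins
    ' "$2"
}

# Exit 0 when the file refuses password-style logins for everyone, 1 when it
# still accepts them, printing one WEAK line per finding. Absent keywords fall
# back to the assumed defaults (OpenSSH of the period): yes for all four.
sshd_audit() {
    status=0
    pa=$(sshd_effective PasswordAuthentication "$1");           [ -n "$pa" ]  || pa=yes
    cra=$(sshd_effective ChallengeResponseAuthentication "$1"); [ -n "$cra" ] || cra=yes
    prl=$(sshd_effective PermitRootLogin "$1");                 [ -n "$prl" ] || prl=yes
    pka=$(sshd_effective PubkeyAuthentication "$1");            [ -n "$pka" ] || pka=yes
    [ "$pa" = no ]  || { echo "WEAK: PasswordAuthentication=$pa"; status=1; }
    [ "$cra" = no ] || { echo "WEAK: ChallengeResponseAuthentication=$cra (PAM can still prompt for a password)"; status=1; }
    case "$prl" in
        no|without-password|prohibit-password) ;;
        *) echo "WEAK: PermitRootLogin=$prl (root may log in with a password)"; status=1 ;;
    esac
    [ "$pka" != no ] || { echo "WEAK: PubkeyAuthentication=no (keys would not work once passwords are removed)"; status=1; }
    return $status
}

# Constructed before/after. The weak file also shows the first-value-wins
# trap: its trailing "PasswordAuthentication no" is ignored by sshd.
demo_sshd_audit() {
    weak=$(mktemp); hard=$(mktemp)
    cat > "$weak" <<'EOF'
Port 2222
PermitRootLogin yes
PasswordAuthentication yes
#PasswordAuthentication no
ChallengeResponseAuthentication yes
PasswordAuthentication no
EOF
    cat > "$hard" <<'EOF'
Port 2222
PubkeyAuthentication yes
PasswordAuthentication no
ChallengeResponseAuthentication no
PermitRootLogin without-password
EOF
    echo "== weak config =="
    sshd_audit "$weak" && weak_ok=1 || weak_ok=0
    echo "== hardened config =="
    sshd_audit "$hard" && hard_ok=1 || hard_ok=0
    echo "== hardened fragment to apply =="
    cat "$hard"
    rm -f "$weak" "$hard"
    [ "$weak_ok" -eq 0 ] && [ "$hard_ok" -eq 1 ]
}

demo_sshd_audit
```

The hardened fragment keeps key-based root login (without-password) so an existing root workflow survives the change; set PermitRootLogin to no if you would rather force an unprivileged login followed by su or sudo. Note that a non-standard port, as in both samples, does nothing against an attacker who already holds the credentials, which is exactly the case described above.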
This compromise has been in the media lately and discussions can be found at the following locations:
http://www.pcworld.com/article/id,141358-c,techindustrytrends/article.html
http://it.slashdot.org/it/08/01/25/148244.shtml
Posted by ProCOM on March 17, 2008 – 7:38 pm
We would like to thank everyone who tested cPanel Server Suite for their efforts and candid evaluations so far.
Based on the feedback received from our first round of beta testing, we have decided to make some major changes to select areas of cPanel Server Suite. While these changes will push back further beta testing, they will not change the overall supported architecture that is described on our site. We look forward to moving along with the changes and will notify the next beta group when the changes are available for testing.
Over the upcoming months, we will be modifying many of our customer-oriented systems and combining them into the cPanel Customer Portal. The first system to take part in this process is our customer contact system (support, billing and sales requests). Options are now much better organized, easier to find, and more pleasant to look at. You can open new support requests, contact billing and sales, and review past support requests. We have also added a new Priority Support Bundle option to the cPanel Store. This allows the purchase of a bundle of 10 priority support incidents, valid for one year, whichever runs out first. Priority Support is already provided to our direct license holders, but this new option allows cPanel license holders to access priority support even if they have not purchased a license directly from us.
If you have any questions, comments, or run into any problems, no matter how small, do not hesitate to contact sales@cpanel.net.
Posted by ProCOM on March 17, 2008 – 7:38 pm
We’ve been hard at work updating the interface of easyapache, our Apache update utility suite. The interface in WHM is much more streamlined and intuitive than it was previously. If you need to make changes to your Apache configuration, give the new easyapache a try. It is currently available in all builds of cPanel except STABLE.
Posted by ProCOM on March 17, 2008 – 7:38 pm
The following operating systems are reaching EOL with their respective vendors. While cPanel will continue to support these operating systems, we recommend that customers using these OSes check for an upgrade path with the respective operating system vendor:
SuSE 9.0
Mandriva 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2
FreeBSD 4.2, 4.3, 4.4, 4.5, 4.6, 4.8, 4.10, 5.0, 5.3, 5.4
Keeping your operating system up to date will ensure that you will receive the latest security and system patches from the OS vendor. Operating systems at EOL may not receive any updates, even security updates.
Posted by ProCOM on March 17, 2008 – 7:38 pm
http://www.cpanel.net/products/cPanelandWHM/linux/sys_requirements.htm