Cpanel Service Emails
From CyberWurx Customer Wiki
Revision as of 11:44, 2 May 2008, by Cwadmin (previous revision: 17:17, 12 March 2008).
May 2, 2008
NOC:

You are receiving this communication because you are listed as the tech contact for Cyber Wurx, LLC.

Several potential security issues have been identified with cPanel software and Horde, a 3rd party bundled application. cPanel releases prior to 11.18.4 and 11.22.2 are susceptible to security issues, which range in severity from trivial to medium-critical. Along with the discovery of these potential issues, cPanel has released a new security tool to provide users with protection from XSRF attacks.

Update Advisory
==============================
All STABLE and RELEASE users are strongly urged to update to their respective 11.18.5 release. CURRENT and EDGE users should update to the latest 11.22.3 release. No releases are deemed susceptible to severe, critical or root access vulnerabilities.

XSRF Protection
==============================
cPanel has also introduced a tool designed to protect against a category of attacks known as cross-site request forgery (XSRF). This tool will validate the browser referrer information against an approved list of domains.

The list of approved domains is automatically determined according to the system's configuration. Any blocked requests are presented to the end user for approval. This additional step will minimize disruption of workflow while protecting the user from an outside XSRF attack. This check will not prevent bookmarked links in modern browsers from working normally.

XSRF protection is not enabled by default. It is controlled via WHM's Tweak Settings under the Security heading. The protection may also be enabled manually by adding the following line to the end of /var/cpanel/cpanel.config:

referrersafety=1

and restarting cpsrvd by executing /usr/local/cpanel/startup.

Credits
================================
cPanel Security Auditing
Jeff Petersen ( Myriad Network )
Cassidy B. Larson ( InfoWest, Inc. )
Bugtraq ( http://www.securityfocus.com/archive/1/491230 )
Matteo Carli
Linux_Drox

---------------------
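The referrer check the advisory describes, written out as an added illustration that is not cPanel's code and is not taken from the advisory: it extracts the host from the Referer header, compares it exactly against an allowlist (a constructed list standing in for the domains cPanel derives from the system configuration), never blocks safe methods (so bookmarked links and typed URLs keep working), and routes anything else to a "confirm" outcome that models the user-approval step rather than a silent block. The advisory does not say how cPanel treats a state-changing request that carries no Referer at all; this example sends that case to confirmation, which is an assumption.

```python
from urllib.parse import urlsplit

# Constructed allowlist standing in for the domains cPanel derives from the
# system configuration (hypothetical hostnames, not values from the advisory).
APPROVED_DOMAINS = {"server.example.com", "www.example.com"}

# Methods that change state and therefore get the referrer check; GET/HEAD are
# left alone so bookmarks and typed URLs work normally, as the advisory requires.
STATE_CHANGING = {"POST", "PUT", "DELETE", "PATCH"}


def referrer_host(referer):
    """Return the lowercase host of a Referer value, or None if it is absent or unparseable."""
    if not referer:
        return None
    try:
        parts = urlsplit(referer.strip())
    except ValueError:          # e.g. a malformed IPv6 literal
        return None
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None
    # .hostname already strips userinfo and port and lowercases the name.
    return parts.hostname


def check_request(method, referer, approved=APPROVED_DOMAINS):
    """Decide what to do with a request: 'allow' or 'confirm'.

    'confirm' models the advisory's behaviour of presenting a blocked request
    to the end user for approval instead of dropping it outright.
    """
    if method.upper() not in STATE_CHANGING:
        return "allow"
    host = referrer_host(referer)
    if host is None:
        # Assumption (not stated in the advisory): a state-changing request
        # with no usable Referer is sent to confirmation, not silently allowed.
        return "confirm"
    # Exact set membership: a prefix or substring test would be fooled by a
    # host such as www.example.com.attacker.invalid.
    return "allow" if host in approved else "confirm"


if __name__ == "__main__":
    for method, ref in [("GET", None),
                        ("POST", "https://www.example.com:2087/scripts/x"),
                        ("POST", "https://www.example.com.attacker.invalid/"),
                        ("POST", None)]:
        print(method, ref, "->", check_request(method, ref))
```

Exact host matching is the whole point of the check; the Referer host may also carry a port or userinfo, which urlsplit strips before comparison. Because browsers and proxies may strip the Referer for privacy reasons, the confirm step rather than a hard block is what keeps the workflow intact, as the advisory says.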
March 10, 2008
NOC:

You are receiving this communication because you are listed as the tech contact for Cyber Wurx, LLC.

Summary:
The Horde webmail application framework has been updated to 3.1.7. Upgrades have been made in cPanel's PHP application security model.

Description:
The Horde webmail application framework has been updated to 3.1.7 for the official fix to the previously announced arbitrary file inclusion vulnerability. cPanel has also made upgrades in cPanel's PHP application security model for Horde, PHPMyAdmin, and PHPPGAdmin. These upgrades have been made to minimize or mitigate undiscovered vulnerabilities in these third-party applications while running within a cPanel installation.

Fix Details:
It is recommended that all cPanel servers running Horde be updated to either cPanel 11.18.3 or cPanel 11.19.3. If you do not wish to update cPanel, it is strongly recommended that you keep Horde disabled until these updates have been applied. You can disable Horde on your cPanel system by unchecking WHM -> Server Configuration -> Tweak Settings -> Mail -> Horde Webmail, and saving with the new settings.

You can check your current version of cPanel by executing:

/usr/local/cpanel/cpanel -V

Updates can be run via the following command executed from a root shell:

/scripts/upcp

Updates can be run through WHM as well. Log in to WHM, then select cPanel -> Upgrade to Latest Version -> Click to Upgrade.

References:
http://lists.horde.org/archives/announce/2008/000382.html

Credits:
cPanel would also like to thank Jeff Petersen and Rob Brown for the additional security information provided with regards to this update.

---------------------
Jan 15, 2008
NOC:

You are receiving this communication because you are listed as the tech contact for Cyber Wurx, LLC.

A recent update of the Perl module PathTools, which provides Cwd and the File::Spec module namespace, introduces usage of Perl 5.10 functions. This change will result in an undefined symbol error similar to:

symbol lookup error: /usr/lib/perl5/5.8.8/i686-linux/auto/Cwd/Cwd.so: undefined symbol: strlcpy

More information about this problem is available in CPAN's bug tracking system:
http://rt.cpan.org/Public/Bug/Display.html?id=32296

On cPanel systems this issue will be immediately evident in the cPanel user interface for MySQL, resulting in a failure to display any end user databases as well as preventing any modifications to MySQL configurations.

This issue has been addressed in the cPanel code base and systems running cPanel 11 will be automatically repaired. This issue can be manually repaired on cPanel 10 systems by running the following commands:

rm -f /home/.cpcpan/modules.versions
/scripts/perlinstaller --force Cwd

cPanel recommends updating any systems running versions of cPanel less than 11 to the latest available version.

PathTools 3.2501 is the latest working version of the module. This version can be found on CPAN at the following URL:
http://search.cpan.org/~kwilliams/PathTools-3.2501/

The direct download URL for PathTools 3.2501 provided by cPanel is:
http://httpupdate.cpanel.net/CPAN/authors/id/K/KW/KWILLIAMS/PathTools-3.2501.tar.gz

---------------------
Sept 4, 2007
From: billing@cpanel.net
Subject: cPanel Advisory: IO::Compress and DNS Zones missing
Body:

NOC:

You are receiving this communication because you are listed as the tech contact for Cyber Wurx, LLC.

Dear cPanel Partner,

The CPAN module IO::Compress::Zlib version 2.006 has caused several issues for some. The problems arise due to a dependency upon IO::Compress::Base not being correctly installed. This is due to some mirrors not being updated with the proper dependency information. Since the dependencies are incorrect, the module no longer functions properly. The most noticeable problem from this is the complete breakage of DNSAdmin; however, other issues are caused.

To alleviate the problems, cPanel is providing a hotfix which can be applied in the following manner:

From the command line:
1. SSH into your server as root.
2. At the command line, execute the following:
   /scripts/autorepair io_compress_gzip

Or from WHM:
1. Log into WHM as root.
2. Enter the following URL into your browser's address bar:
   https://__YOURSERVERHERE__:2087/autofixer (example: https://www.example.com:2087/autofixer)
3. When prompted, enter: io_compress_gzip

The autofixer will report it is applying "IO::Compress::Zlib autorepair verison 1.1".

This process replaces IO::Compress::Zlib with version 2.005. Also, a hold back has been enabled to prevent the perl installer process from installing IO::Compress::Zlib version 2.006 until a new version is available that fixes this problem.

For non-cPanel servers that experience this issue, it is also possible to resolve this manually by performing the following steps:
1. SSH into your server as root.
2. Execute the following commands:
   wget http://search.cpan.org/CPAN/authors/id/P/PM/PMQS/IO-Compress-Base-2.006.tar.gz
   tar xfzv IO-Compress-Base-2.006.tar.gz
   cd IO-Compress-Base-2.006
   perl Makefile.PL
   make
   make install

The manual fix will also work for a cPanel server.

In order to expedite the process, we have also updated all published builds to include the fix. If you incur any difficulties during the update process or have any questions or concerns you wish us to address, please contact our support team by opening a support ticket through the manage interface.

--
Matthew Carey
Technical Support Manager
techmgr@cpanel.net
+17135290800 x 4041
Aug 24, 2007
From: billing@cpanel.net
Subject: cPanel Advisory: Spamassassin 100% cpu usage.
Body:

NOC:

You are receiving this communication because you are listed as the tech contact for Cyber Wurx, LLC.

Dear cPanel Partner,

There have been numerous reports recently regarding excessive CPU utilization by spamd. This is occurring as a result of a bug in the BerkeleyDB implementation used by SpamAssassin, which causes spamd children to enter an infinite loop when attempting to open a temporary file in the user's ~/.spamassassin directory.

You can determine whether or not this is the case by executing a trace against the spamd process in question, and monitoring the trace for repeated calls to open() a file in ~/.spamassassin/__db.[DB_NAME]. For example, you can launch a trace on the affected process with the following command:

strace -vvFf -s 4096 -e trace=file -p [PID]

A trace on an affected server would repeatedly output something similar to the following:

open("/home/user/.spamassassin/__db.bayes_toks.new", O_RDWR|O_CREAT|O_EXCL|O_LARGEFILE, 0600) = -1 EEXIST (File exists)
open("/home/user/.spamassassin/__db.bayes_toks.new", O_RDWR|O_CREAT|O_EXCL|O_LARGEFILE, 0600) = -1 EEXIST (File exists)
open("/home/user/.spamassassin/__db.bayes_toks.new", O_RDWR|O_CREAT|O_EXCL|O_LARGEFILE, 0600) = -1 EEXIST (File exists)
open("/home/user/.spamassassin/__db.bayes_toks.new", O_RDWR|O_CREAT|O_EXCL|O_LARGEFILE, 0600) = -1 EEXIST (File exists)

We have devised a workaround for SpamAssassin, which can be applied by taking the following steps:

killall -TERM spamd   # ensure all hung spamd processes are terminated
killall -9 spamd      # ensure all hung spamd processes are terminated

Visit the following WHM URL:
https://__your_sever_ip_here__:2087/scripts2/autofixer

Enter spamd_dbm_fix into the input field, and click 'Submit'.

Once the patch has been applied, the spamd loads should subside.

If the problem persists after applying the patch, please let our support team know, and they will investigate any outstanding issues. We have notified the SpamAssassin developers of this issue, and expect that this will be resolved in versions 3.2.4 and greater.

---------------------
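A small detector for the strace signature described in the advisory above, added here as an example; it is not part of the advisory or of cPanel's tooling. It counts EEXIST failures per __db.* path in trace output and reports the paths that repeat beyond a threshold, which is the "repeated calls to open()" symptom the advisory tells you to look for. The sample trace is constructed from the advisory's lines plus two unrelated calls; the `[pid N]` prefix that `strace -f` adds and the `openat(AT_FDCWD, ...)` form used by newer strace versions are both tolerated.

```python
import re
from collections import Counter

# A failed open()/openat() of a BerkeleyDB temp file under a ~/.spamassassin
# directory, as in the advisory's excerpt.  Optional "[pid N]" prefix from -f.
HUNG_OPEN = re.compile(
    r'^(?:\[pid\s+\d+\]\s+)?open(?:at)?\((?:AT_FDCWD,\s*)?'
    r'"(?P<path>[^"]*/\.spamassassin/__db\.[^"]+)",\s*[^)]*\)'
    r'\s*=\s*-1\s+EEXIST\b'
)

# Constructed sample strace output: the advisory's repeated lines plus
# unrelated file calls that a healthy spamd would also make.
SAMPLE_TRACE = """\
stat("/home/user/.spamassassin/bayes_toks", {st_mode=S_IFREG|0600, st_size=1234, ...}) = 0
open("/home/user/.spamassassin/__db.bayes_toks.new", O_RDWR|O_CREAT|O_EXCL|O_LARGEFILE, 0600) = -1 EEXIST (File exists)
open("/home/user/.spamassassin/__db.bayes_toks.new", O_RDWR|O_CREAT|O_EXCL|O_LARGEFILE, 0600) = -1 EEXIST (File exists)
open("/home/user/.spamassassin/__db.bayes_toks.new", O_RDWR|O_CREAT|O_EXCL|O_LARGEFILE, 0600) = -1 EEXIST (File exists)
open("/home/user/.spamassassin/__db.bayes_toks.new", O_RDWR|O_CREAT|O_EXCL|O_LARGEFILE, 0600) = -1 EEXIST (File exists)
open("/etc/mail/spamassassin/local.cf", O_RDONLY|O_LARGEFILE) = 5
"""


def failed_db_opens(trace_text):
    """Count EEXIST failures per __db.* temp-file path in strace output."""
    counts = Counter()
    for line in trace_text.splitlines():
        m = HUNG_OPEN.match(line.strip())
        if m:
            counts[m.group("path")] += 1
    return counts


def looks_hung(trace_text, threshold=3):
    """Return (path, count) pairs whose failed open repeats at least `threshold` times.

    One EEXIST on a fresh temp file can be benign; the same path failing over
    and over in a short trace is the loop the advisory describes.
    """
    return [(p, n) for p, n in failed_db_opens(trace_text).items() if n >= threshold]


if __name__ == "__main__":
    for path, n in looks_hung(SAMPLE_TRACE):
        print(f"possible spamd loop: {n} failed opens of {path}")
```

In practice you would capture a few seconds of `strace -f -e trace=file -p [PID] -o spamd.trace` and pass the file's contents to `looks_hung`; an empty result on a trace that shows the process doing ordinary work points away from this bug.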
Aug 17, 2007
From: billing@cpanel.net
Subject: Spamassassin & perl 5.8.8
Body:

NOC:

You are receiving this communication because you are listed as the tech contact for Cyber Wurx, LLC.

Dear cPanel Partner,

There have been reported issues recently with SpamAssassin in regards to:
1. Load issues
2. Spamd locking
3. Not catching all spam e-mail

To resolve these issues, please upgrade Perl to version 5.8.8, which is recommended for using cPanel 11. You can ensure that each installed module gets carried over to the updated Perl build with the use of the "autobundle" CPAN feature. You can create a bundle of the currently installed modules by executing the following while logged in via SSH as root:

perl -MCPAN -e 'autobundle'

Once completed, you should see the following output before getting returned to the shell:

'Wrote bundle file /home/.cpan/Bundle/Snapshot_2007_08_16_00.pm'

Once you've made note of this file name, you can proceed with the update. On Linux-based systems, you should be able to update Perl using the installer provided at layer1.cpanel.net:

cd /root
wget http://layer1.cpanel.net/perl588installer.tar.gz
tar -zxf perl588installer.tar.gz
cd perl588installer
./install

On FreeBSD-based systems, you will need to install Perl from ports. This will take a few minutes, so take a coffee break and check the status when you return.

Once the update has completed, you can install all previously installed modules from the CPAN bundle by executing the following (with the bundle name adjusted to the name of the bundle generated earlier):

perl -MCPAN -e 'install Bundle::Snapshot_2007_08_16_00'

This should install each of the modules present in the bundle, assuming there are no issues during the installation (dependencies, network, etc).

Once this has completed, execute the following to ensure that all modules required by cPanel are installed, and restart cPanel:

/usr/local/cpanel/bin/checkperlmodules
/usr/local/cpanel/startup

For more details on the cPanel 11 updates, please refer to the release notes at the following URL:
http://www.cpanel.net/products/cPanelandWHM/linux/cpanel11/releasenotes.pdf

As always, if you incur any complications during the updates, or have any questions/concerns you would like us to address, contact our support team by opening a support ticket, and we will gladly assist you!

Matt Carey
Technical Support Manager
cPanel
mattc@cpanel.net
Oct 25, 2007
From: billing@cpanel.net
Subject: [cPanel] Updating to builds later than 16800 recommended.
Body:

NOC:

You are receiving this communication because you are listed as the tech contact for Cyber Wurx, LLC.

We are currently tracking a potential denial of service issue with builds older than 16800 (early September). At this time, we recommend customers that are still running these older builds update to any of the currently released versions. The latest builds are:

11.11.0-STABLE_16999
11.15.0-RELEASE_17665
11.15.0-CURRENT_17700
11.15.0-EDGE_17700

More information will be provided if and when it becomes available. Please note that this may be an unrelated issue, and that this notice only serves as an early warning.

-cPanel Support Team

---------------------
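To triage a set of servers against the build threshold in this notice, here is an added example (not cPanel's code and not from the notice) that parses build tags of the form listed above, flags anything whose build number is below 16800, and maps it to the notice's latest build for the same tier. The tags passed in at the bottom are constructed; the four target builds are the ones the notice lists.

```python
import re

# Tag shape used in the notice: <version>-<tier>_<build>
BUILD_TAG = re.compile(
    r"^(?P<version>\d+(?:\.\d+)*)-(?P<tier>STABLE|RELEASE|CURRENT|EDGE)_(?P<build>\d+)$"
)

# Builds older than 16800 are the ones the notice is tracking.
MIN_SAFE_BUILD = 16800

# Latest builds listed in the notice, keyed by tier.
LATEST = {
    "STABLE": "11.11.0-STABLE_16999",
    "RELEASE": "11.15.0-RELEASE_17665",
    "CURRENT": "11.15.0-CURRENT_17700",
    "EDGE": "11.15.0-EDGE_17700",
}


def parse_build_tag(tag):
    """Split a tag into (version tuple, tier, build number); reject anything else."""
    m = BUILD_TAG.match(tag.strip())
    if not m:
        raise ValueError(f"unrecognised build tag: {tag!r}")
    version = tuple(int(x) for x in m.group("version").split("."))
    return version, m.group("tier"), int(m.group("build"))


def needs_update(tag):
    """True if the tag's build number is older than the notice's threshold."""
    _, _, build = parse_build_tag(tag)
    return build < MIN_SAFE_BUILD


def triage(tags):
    """Map each tag to the recommended target for its tier, or None if it is new enough."""
    result = {}
    for tag in tags:
        _, tier, _ = parse_build_tag(tag)
        result[tag] = LATEST[tier] if needs_update(tag) else None
    return result


if __name__ == "__main__":
    # Constructed inventory of three servers (hypothetical values).
    for tag, target in triage(["11.11.0-STABLE_16500",
                               "11.15.0-RELEASE_17665",
                               "11.15.0-CURRENT_16799"]).items():
        print(tag, "->", target or "ok")
```

The comparison is on the build number alone, which is what the notice keys on; a tag that does not match the shape shown in the notice is rejected rather than guessed at, so a mistyped inventory entry surfaces as an error instead of a silent "ok".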