Dedicated Linux Server Checklist for the New Year.

MNX Solutions — Sat, 08 Mar 2008 18:06:36 +0000

If you have a dedicated Linux server, this list is for you. Below are a few items you need to do, to ensure your 2008 will be a bit brighter. This list is by no means comprehensive, but hopefully gets you started in the right direction this year. Check your backups and perform a [...]

cPanel Security

admin — Sat, 08 Mar 2008 17:07:28 +0000

SECURITY ALERT: Horde arbitrary file inclusion vulnerabilityAn arbitrary file inclusion vulnerability has been discovered in the Horde webmail application. At present, we can confirm that this security vulnerability in question affects Horde 3.1.6 and earlier. Based on incomplete information at this time, we also believe this affects Horde Groupware 1.0.4 and earlier as well (cPanel does not use Horde Groupware at this time).

cPanel customers should update their cPanel and WHM servers immediately to prevent any chance of compromise. The patch will be available in builds 11.18.2 and greater (or 11.19.2 and greater for EDGE systems). The updated builds will be available immediately to all fast update servers. The builds will be available to all other update servers within one hour of this posting.

To check which version of cPanel and WHM is on your server, simply log into WebHost Manager (WHM) and look in the top right corner, or execute the following command from the command line as root:

/usr/local/cpanel/cpanel -V

You can upgrade your server by navigating to ‘cPanel’ -> ‘Upgrade to Latest Version’ in WebHost Manager or by executing the following from the command line as root:

/scripts/upcp

It is recommended that all use of Horde 3.1.6 and earlier be stopped (on cPanel and non-cPanel systems alike) until Horde updates can be applied. You can disable Horde on your cPanel system by unchecking the box next to ‘Server Configuration’ -> ‘Tweak Settings’ -> ‘Mail’ -> ‘Horde Webmail’ within WHM, and saving the page with the new settings.

TechyBlog.com » Security

Dedicated Linux Server Checklist for the New Year.

cPanel Security