المشاركة الأصلية كتبت بواسطة Damas
جزاك الله كل الخير اخي الحبيب على هذا الشرح والتوضيح
بالفعل الأن وصلتني رسالة من cpanel.net وهذا نصها تصديقا لكلامك
You are receiving this communication because you are listed as the
direct contact for Damasgate.com.
---------------------------------------------
Date: Sun Sep 24 2006
---------------------------------------------
---------------------------------------------
Summary:
---------------------------------------------
Due to a recently discovered bug, it will be necessary for users
who are running the CURRENT, RELEASE and STABLE branches to run a cPanel software
update.
---------------------------------------------
Description:
---------------------------------------------
An uncompilied mysqladmin script allowed an exploited copy of MySQL.pm to be places
within the directory location of mysqladmin. This copy of MySQL.pm would be given
preference by mysqladmin due to the precedence order of perl module searches. A
malicious user could then use an exploited copy of MySQL.pm to elevate their system
access (including root access).
A patch for this issue has been released. Please note that this is a local issue and
a system cannot be compromised remotely. The malicious user must have access to an
account on the system to take advantage of this script.
All cPanel and WHM server will automatically receive a patch for this update. This
patch has been applied to most servers and will be applied to the remaining number
of servers during the scheduled update on Sunday night, September 25th, 2006. It can
be applied manually as per the instructions below.
---------------------------------------------
References:
---------------------------------------------
None
---------------------------------------------
Affected Systems:
---------------------------------------------
All builds on all platforms are vulnerable up to and including (11.0.0
build 492), all builds after that have been fixed. All previous builds after 9.0.0
will be automatically patched by the updater if automatic updates are set.
---------------------------------------------
Fix Details:
---------------------------------------------
We recommend updating (if you do not wish to update see the manual patch
instructions below) to the latest EDGE or CURRENT build as these builds include the
latest security patch as well as additional protection (the underlying wrapper now
contains vastly improved input sanitization). To do this, you will need to modify
your upgrade settings thorugh the ‘Update Config’ function in the ‘Server
Configuration’ menu of WebHost Manager.
Login to WebHost Manager
Naviagte to the the ‘Update Config’ function in the ‘Server Configuration’ menu.
Change your cPanel/WHM Updates option to CURRENT or bleeding EDGE (Automatic updates
recommended).
Click on ‘Save’
Use the ‘Upgrade to Latest Version’ option within the ‘cPanel’ menu.
You can also apply the patch without updating:
You can either run /scripts/upcp from the command line as root, or you can also
upgrade from inside WebHostManager by using the ‘Upgrade to Latest Version’ option
within the ‘cPanel’ menu.
You may also apply just the patch manually through the following steps:
SSH into your server and gain root access
wget -q -O -
http://layer1.cpanel.net/installer/sec092406.pl | perl
You can verified the server is patched by running:
wget -q -O -
http://layer1.cpanel.net/installer/c...cker_092406.pl |
perl
---------------------------------------------
If you find there is still a problem after updating to the version(s) mentioned
above, please file a support ticket with the cPanel Technical Support team at
https://tickets.cpanel.net/submit/in...eqtype=tickets
---------------------------------------------
Credits
---------------------------------------------
Information in this advisory was obtained from information provided from:
Brent Oxley (Host Gator)
Rob Brown (Blue Host)
---------------------
) تناقل الهكر ثغرة 0 day في الـ cPanel ... اليوم تم اكتشاف الثغره وحلها.
.. وبصدق ، كل الهكرز والقروبات ماحد اهتم كثير الا بعد ان تم اختراق سيرفرات شركة عالمية كبيره مثل HostGator .
رد مع اقتباس
