Current time: 11-27-2024, 04:46 PM Hello There, Guest! (LoginRegister)


Post Reply 
Security Announcement: Backup Restore Manager
Author Message
RatS Offline
Project Leader
******

Posts: 1,854
Joined: Oct 2006
Reputation: 17
Post: #1
Security Announcement: Backup Restore Manager
Today another critical security issue has been found. All ispCP Omega versions are effected.
It is possible to use the ispCP Client Backup Manager to restore forged backups and - in worst case - gain control over the server system.

We strongly recommend to fix the described security issue by disabling the backup restore routine. For this open the ispcp-dmn-mngr in /var/www/ispcp/engine/ and search for

Code:
sub dmn_restore_data {

add
Code:
exit 1;

directly in the next line.

We try to deliver a patch as fast as possible. You can follow the status in ticket: 2440
08-30-2010 01:23 AM
Visit this user's website Find all posts by this user Quote this message in a reply
Post Reply 


Messages In This Thread
Security Announcement: Backup Restore Manager - RatS - 08-30-2010 01:23 AM

Forum Jump:


User(s) browsing this thread: 1 Guest(s)