Project InfoSponsor & PartnerInstalling ispCPFAQDocumentationDevelopment
Current time: 04-21-2024, 01:49 AM Hello There, Guest! (LoginRegister)

ispCP - Board - Support / ispCP Omega Development Area / Security Advisories / ispCP Omega 1.0.5 Security Announcement II

Post Reply 
ispCP Omega 1.0.5 Security Announcement II
Author Message
Nuxwin
Unregistered

 
Post: #2
RE: ispCP Omega 1.0.5 Security Announcement II
Dear ispCP users ;

An Identical security hole was discovered today in these scripts:

engine/backup/ispcp-backup-all
engine/backup/ispcp-backup-ispcp

The patch attached to the ticket #2411 was updated today.

Also, it's recommended to remove all the /var/log/ispcp/* log after fixing this security hole by setting debug mode to 0, or by applying the patch. For versions prior to ispCP 1.0.5, it's strongly recommended to migrate and to apply the patch.

Note: For the last script, it's really more important because this time, it's the main SQL account login (eg. SQL root account) credentials that is stored in cleartext.

We apologize for any inconvenience caused.
07-30-2010 06:01 PM
Quote this message in a reply
Post Reply 


Messages In This Thread
RE: ispCP Omega 1.0.5 Security Announcement II - Nuxwin - 07-30-2010 06:01 PM

Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Contact Us | isp Control Panel ( ispCP ) | Return to Top | Return to Content | Lite (Archive) Mode | RSS Syndication