This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

[HOT FIX - Unofficial] Critical FTP Module Exploit
#1
[HOT FIX - Unofficial] Critical FTP Module Exploit
[Image: Ubuntu-14.04-orange.svg?style=flat-square] [Image: Hot_Fix-CRITICAL-red.svg?style=flat-square] [Image: Sentora-1.0.0-blue.svg?style=flat-square] 
Disclaimer: Nothing below is official, I just wanted to release a easy patch ASAP. However all the code is merged on the official GitHub Repository and is tested on my own production server

As it was discussed on various topics (http://forums.sentora.org/showthread.php?tid=1680) and on GitHub (Issue PhpMyAdmin cannot open and Issue sentastico package) there is a critical exploit under the FTP Module.

Users are encouraged to either fix or disable the FTP Management Module.

Hot Fix for the FTP Exploit
I released a quick hotfix bash script.
Just run the following command on the server as root (sudo is not recommended)
Code:
bash <(curl -s http://repo.vanguardly.com/sentora/scripts/hotfix-ftp-module/hotfix-ftpmod-v1)
This will download the fixed script and replace the old one (creating a backup of the old file).

Hope this helps!

Tagging: Me.B TGates
My Sentora Resources
[Module] Mail Quota Count | Vagrant Box with Sentora

[Image: vanguardly-logo-micro.png]
Graphic and Web Design. Development.
www.vanguardly.com


Reply
Thanks given by: TGates , tkramer


Messages In This Thread
[HOT FIX - Unofficial] Critical FTP Module Exploit - by apinto - 07-16-2015, 08:22 AM

Possibly Related Threads...
Thread Author Replies Views Last Post
sentora 1.0.3 & critical patch for sentora 1.0.x Me.B 24 24,509 10-11-2015, 10:20 PM
Last Post: Finallf

Forum Jump:


Users browsing this thread: 1 Guest(s)