[HOT FIX - Unofficial] Critical FTP Module Exploit 07-16-2015, 08:22 AM (This post was last modified: 07-17-2015, 02:36 AM by apinto. Edit Reason: Tags )
Disclaimer: Nothing below is official, I just wanted to release a easy patch ASAP. However all the code is merged on the official GitHub Repository and is tested on my own production server
As it was discussed on various topics (http://forums.sentora.org/showthread.php?tid=1680) and on GitHub (Issue PhpMyAdmin cannot open and Issue sentastico package) there is a critical exploit under the FTP Module.
Users are encouraged to either fix or disable the FTP Management Module.
Hot Fix for the FTP Exploit
I released a quick hotfix bash script.
Just run the following command on the server as root (sudo is not recommended)
This will download the fixed script and replace the old one (creating a backup of the old file).
bash <(curl -s http://repo.vanguardly.com/sentora/scripts/hotfix-ftp-module/hotfix-ftpmod-v1)
Hope this helps!
Tagging: Me.B TGates