Onderwerp: Exploit solusvm

PLEASE READ THIS INFORMATION CAREFULLY. THIS INFORMATION IS RELEVANT TO ALL VERSION OF SOLUSVM, INCLUDING BETA VERSIONS.
In the last few hours a security exploit has been found. This email is to inform you of a temporary fix to eliminate this exploit whilst the issue is patched and transferred to our file servers for release.
Instructions:
You will need root SSH access to your master server. You are then required to delete the following file:
/usr/local/solusvm/www/centralbackup.php
Example:
rm –f /usr/local/solusvm/www/centralbackup.php
Once the file is deleted the exploit can no longer be used. This file only exists on the master server and the slaves will not be affected.
You will receive a follow-up email once the patch versions are available.
Regards,
Soluslabs Security Team

Bedankt voor de waarschuwing, heb je dit zojuist per mail binnengekregen ?

Oorspronkelijk geplaatst door Smashmint

Bedankt voor de waarschuwing, heb je dit zojuist per mail binnengekregen ?

Dit heb ik inderdaad net via de mail binnen gekregen

http://screen.uscn.nl/1371383833-f1RBZ.png

Ook hier te lezen http://blog.soluslabs.com/2013/06/16...usvm-versions/

Updateje:

Soluslabs Ltd Sunday, June 16, 2013
05:52:47 PM GMT 0
Dear ...,

PLEASE READ THIS INFORMATION CAREFULLY. THIS INFORMATION IS RELEVANT TO ALL VERSIONS OF SOLUSVM, INCLUDING BETA VERSIONS.

A security update has now been released for the Stable and Beta versions of SolusVM. We advise you to make this update as soon as possible.

To run the update you can either do it from within the SolusVM admin area or from CLI on the master server. To preform the update from CLI the commands differ depending on the version of SolusVM you are running.

==================

Stable version:

/scripts/upcp

Beta version:

/scripts/upcp-beta

==================

Once the update is complete you will have the patched system.

We have included the original instructions in this email that were given when the exploit was announced and before we released the patched updates. If you feel the need to remove the originally exploited file after the update you can do the following:

==================

Instructions:

You will need root SSH access to your master server. You are then required to delete the following file:

/usr/local/solusvm/www/centralbackup.php

Example:

rm –f /usr/local/solusvm/www/centralbackup.php

==================

Due to this exploit we are conducting a full audit of the SolusVM client area code. The audit is already underway and any updates, if needed will be released in quick succession.

A full explanation of this exploit will be released in due course. We will also be reviewing the release status of version 1.14 due to the advanced security features it already contains.

Thank you for your continued support and apologies for any inconvenience caused.
Regards,
Soluslabs Security Team

2008-2013 © Soluslabs Ltd. All Rights Reserved
Please add us to your safe senders list to ensure you keep receiving these emails.

Nog een update met een update:

PLEASE READ THIS INFORMATION CAREFULLY. THIS INFORMATION IS RELEVANT TO ALL VERSIONS OF SOLUSVM, INCLUDING BETA VERSIONS.
As you may be aware we are currently running a full in house and external code audit. This release contains several important security fixes for all versions of SolusVM.

We highly suggest you update your system as soon as possible. Updates are available through the normal channels.

Latest Beta Version: 1.14.00 R5
Latest Stable Version: 1.13.05

Please be aware the audit is still underway and more updates may follow.

Thank you for your co-operation and understanding.

Regards,
Soluslabs Security Team

2008-2013 © Soluslabs Ltd. All Rights Reserved
Please add us to your safe senders list to ensure you keep receiving these emails.

Goed dat ze er wel bovenop zitten. En gelukkig heb ik nog nooit problemen gehad met updates bij Solus, anders dan bijv. bij Plesk.

Nog een beveiligingslek in de WHMCS module: http://blog.soluslabs.com/2013/06/24...-whmcs-module/

Hier is de e-mail:

Soluslabs Ltd Monday, June 24, 2013
08:06:57 AM GMT 0
Dear Daniel Koop (Yourwebhoster.eu),

We have been made aware of a potential security issue with our WHMCS Billing Module. We suggest you disable the module and rename/delete the /modules/servers/solusvmpro folder as soon as possible.

A new module will be released shortly to patch the security problem.

Regards
Soluslabs Security Team
2008-2013 © Soluslabs Ltd. All Rights Reserved
Please add us to your safe senders list to ensure you keep receiving these emails.

Opmerking: er zijn ook losse bestanden in de root van WHMCS die je moet wijzigen:
- changehostname.php
- console.php
- consolepassword.php
- graphs.php
- rootpassword.php
- vnc.php
- vncpassword.php

Ik ken de exploit niet maar als de module uitgeschakeld moet worden dan kan het beter op deze manier.

Update:

Soluslabs Ltd Monday, June 24, 2013
04:42:38 PM GMT 0
Dear Daniel Koop (Yourwebhoster.eu),

A new WHMCS billing module has been released for SolusVM. The module contains important security fixes and we advise you to upgrade as soon as possible.

The module can be downloaded here http://docs.solusvm.com/v2/Default.h...stallation.htm and the direct link to the module download is http://files.soluslabs.com/solusvm/m...dule_v3.17.zip

Regards
Soluslabs Security Team
2008-2013 © Soluslabs Ltd. All Rights Reserved
Please add us to your safe senders list to ensure you keep receiving these emails.

nieuw update:


Soluslabs Ltd Monday, June 24, 2013
11:12:12 PM GMT 0
PLEASE READ THIS INFORMATION CAREFULLY. THIS INFORMATION IS RELEVANT TO ALL VERSIONS OF SOLUSVM, INCLUDING BETA VERSIONS.
As you may be aware we are currently running a full in house and external code audit. This release contains several important security fixes for all versions of SolusVM.

We highly suggest you update your system as soon as possible. Updates are available through the normal channels.

Latest Beta Version: 1.14.00 R7
Latest Stable Version: 1.13.07

Please be aware the audit is still underway and more updates may follow.

Thank you for your co-operation and understanding.

Regards,
Soluslabs Security Team

new update:

A new update to SolusVM has been released. SolusVM 1.13.09 & 1.14.00 Beta R9 are now available.

This release contains minor code fixes and security enhancements/changes as part of our code audit. We suggest you upgrade to the newest version to benefit from the latest changes & enhancements.

All information on this release will be included in the audit report. More information and the status of our audit will be released as soon as we have confirmation on the start date of the external audit.

Regards,
Soluslabs Ltd