Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Technical

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 1st July 2014, 04:30
IzFazt IzFazt is offline
Member
 
Join Date: Jul 2009
Posts: 30
Thanks: 3
Thanked 6 Times in 5 Posts
Exclamation vulnerability ISPconfig Wheezy

I am experinencing a tsunami of hacks after which phishing software is posted on my server by this exploit

http://security.stackexchange.com/qu...in-php-attacks

on my installation following this tutorial :

http://www.howtoforge.com/perfect-se...ot-ispconfig-3

anybody can tell me wether the hack is fixed by the solution in stackexchange or any other instances on vhosts ca also have cgi execute PHP ?
Reply With Quote
The Following User Says Thank You to IzFazt For This Useful Post:
Williamsl (23rd July 2014)
Sponsored Links
  #2  
Old 1st July 2014, 09:44
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 37,015
Thanks: 840
Thanked 5,652 Times in 4,461 Posts
Default

First of all, this is a php vulnerability and its not related to the use of ispconfig. The vhosts by ispconfig use php-fcgi by default, so they were never affected. The vulnerability affects only old php versions and has been fixed last year august (if I remember correctly) by the php developers. If you have the current php updates installed on your server, then you should not be affected by this at all as the current php in wheezy is not vulnerable.

The workaround to disable php cgi is working, it has been published here already last year.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
The Following 2 Users Say Thank You to till For This Useful Post:
IzFazt (1st July 2014), Williamsl (12th July 2014)
  #3  
Old 1st July 2014, 17:45
IzFazt IzFazt is offline
Member
 
Join Date: Jul 2009
Posts: 30
Thanks: 3
Thanked 6 Times in 5 Posts
 
Default

thank you , stuff is outside my day-to-day knowledge so sorry of I said something out of the ordinary, very glad this is solving the hack, all is up to date, just this afternoon another hack attempt was registered and it failed
Reply With Quote
The Following User Says Thank You to IzFazt For This Useful Post:
Williamsl (22nd July 2014)
Reply

Bookmarks

Tags
exploit, vulnerability ispconfig, wheezy

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Moving ispconfig fromo ubuntu 13.10 to debian wheezy not working masc Installation/Configuration 0 12th February 2014 21:57
about 150 mysql connection topedge Installation/Configuration 3 24th January 2014 10:14
Problem access ispconfig url wearth General 1 30th May 2013 14:50
around 80 sleeping connections created by ISPConfig bkilinc General 2 1st October 2012 17:12
Control Panel - E-mail Tab is empty domi-nik General 15 14th April 2011 19:17


All times are GMT +2. The time now is 12:07.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.