Security patch for ISPConfig 3.0.5.4p5 released

Discussion in 'General' started by till, Apr 17, 2015.

  1. till

    till Super Moderator Staff Member ISPConfig Developer

    A XSS vulnerability has been found in the ISPConfig 3 module changer script.
    The vulnerability requires a valid user login to ISPConfig, unauthenticated
    users are not affected.

    Vulnerable versions:

    All recent ISPConfig 3 releases.

    Fix:

    A patch for ISPConfig 3.0.5.4p5 is available trough the ISPConfig patch tool.

    Patch Installation:

    Run the command:

    ispconfig_patch

    as root user on the shell and enter:

    3054_capp

    as patch code. The patch tool will download the patch from
    ispconfig.org and apply it.

    Credits:

    We thank Alain Homewood for informing us about this issue.

    Alain Homewood
    PwC New Zealand
    http://www.pwc.co.nz/services/assurance-services/pwc-security/
     
    edge likes this.
  2. ahrasis

    ahrasis New Member

    Thank you for the patch. Applied the patch following the above procedure and all went well. Thanks again.
     
  3. laptop_user

    laptop_user Member

    Hi Till,

    I did some changes in ISPC file. Can you tell me which file was affected with this recent update? I need to know so I can add my existing code to the new updated file.

    Thanks in advance.
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    The file is interface/web/capp.php
     
    laptop_user likes this.
  5. laptop_user

    laptop_user Member

    Thank you
     
  6. rainerwolan

    rainerwolan New Member

    I tried it many times but get this error:
    Enter patch id: 3054_aps
    Patch with id 3054_aps does not exist.
    The ISPConfig version is actual, the same error cames with patch 3054_capp.
    I cant update the package list.
    Any idea whats wrong or to manualy update?
     
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    Seems as if you run a firewall which blocks connections on port 80 to the ispconfig server. the patch tool works fine and the patches are available, just tested it:

    Code:
    [email protected]:~# ispconfig_patch
    
    
    --------------------------------------------------------------------------------
     _____ ___________   _____              __ _
    |_   _/  ___| ___ \ /  __ \            / _(_)
      | | \ `--.| |_/ / | /  \/ ___  _ __ | |_ _  __ _
      | |  `--. \  __/  | |    / _ \| '_ \|  _| |/ _` |
     _| |_/\__/ / |     | \__/\ (_) | | | | | | | (_| |
     \___/\____/\_|      \____/\___/|_| |_|_| |_|\__, |
                                                  __/ |
                                                 |___/
    --------------------------------------------------------------------------------
    
    
    >> Patch tool
    
    Please enter the patch id that you want to be applied to your ISPConfig installa                                                                                                                     tion.
    Please be aware that we take NO responsibility that this will work for you.
    Only use patches if you know what you are doing.
    
    Enter patch id: 3054_aps
    
    Patch description:
    --------------------------------------------------------------------------------
    This patch fixes: APS crawler: String could not be parsed as XML
    --------------------------------------------------------------------------------
    Do you really want to apply this patch now? (y,n) [y]: y
    
    (Stripping trailing CRs from patch.)
    patching file interface/lib/classes/aps_crawler.inc.php
    Reversed (or previously applied) patch detected!  Assume -R? [n]
    Apply anyway? [n]
    Skipping patch.
    2 out of 2 hunks ignored -- saving rejects to file interface/lib/classes/aps_crawler.inc.php.rej
    (Stripping trailing CRs from patch.)
    patching file server/lib/classes/aps_installer.inc.php
    Hunk #1 succeeded at 554 (offset -1 lines).
    (Stripping trailing CRs from patch.)
    patching file server/lib/classes/aps_installer.inc.php
    Hunk #1 succeeded at 697 (offset -1 lines).
    
     
  8. rainerwolan

    rainerwolan New Member

    Ah sorry for that, my router was a bit misconfigured.
     

Share This Page