Sections
-
Recent Posts
Tags
Archives
- June 2013
- May 2013
- April 2013
- March 2013
- February 2013
- January 2013
- December 2012
- November 2012
- October 2012
- September 2012
- August 2012
- July 2012
- June 2012
- May 2012
- April 2012
- March 2012
- February 2012
- January 2012
- December 2011
- October 2011
- September 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- February 2011
- January 2011
- December 2010
- November 2010
- October 2010
- September 2010
- August 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- May 2008
- March 2008
- January 2008
- December 2007
- September 2007
- June 2007
- March 2007
- February 2007
- November 2006
- December 2005
- November 2005
- August 2005
- October 2004
Section: Security
TSR Update
The following disclosure covers the Targeted Security Release 2013-06-05. Each vulnerability is assigned an internal case number which is reflected below. Information regarding the cPanel Security Level rankings can be found here: http://go.cpanel.net/securitylevels Case 68189 Summary An arbitrary files read and unlink vulnerability in cPanel, WHM, and Webmail. Security Rating …
Important: 2013-06-05 Targeted Security Releases
cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having important security impact. Information on …
IMPORTANT: cPanel Security Notice 2013-06-03
SUMMARY The Apache mod_rewrite module fails to sanitize input, which may lead to arbitrary command execution in some circumstances. SECURITY RATING The cPanel Security Team has rated this update has having critical security impact. Information on security ratings is available at: http://go.cpanel.net/securitylevels. You are strongly encouraged to run EasyApache and …
Update for cPanel & WHM Versions 11.38, 11.36, 11.34, & 11.32
cPanel, Inc. has published a security update for cPanel & WHM versions 11.38, 11.36, 11.34, and 11.32. This update resolves an issue with unchecked reseller privileges. We recommend all customers update to the latest build of each version as soon as possible. The cPanel Security Team has assigned a rating …
cPanel & WHM Security Releases for 11.32, 11.34, and 11.36
cPanel has published security updates for all supported versions of cPanel & WHM. These updates contain fixes for a problem with the Roundcube webmail application. We recommend all customers update to the latest build of each version as soon as possible. The cPanel Security Team has assigned a rating of …
Posted in key, News, Security
Tagged: 11.32, 11.34, 11.36, cPanel WHM Security, security
Leave a comment
2013-02-26 cPanel & WHM Security Advisory for 11.32, 11.34, and 11.36
The following disclosure covers the Targeted Security Release 2013-02-26. Each vulnerability is assigned an internal case number which is reflected below. Information regarding cPanel’s Security Level rankings can be found here: http://go.cpanel.net/securitylevels Case 63700 Summary File disclosure and code execution using API 2 call Security Rating cPanel has assigned a …
cPanel, Inc. Announces Additional Internal Security Enhancements
This is a follow up on the status of the security compromise that cPanel, Inc. experienced on Thursday, February 21, 2013. As mentioned in our email sent to cPanel Server Administrators who’ve opened a ticket with us in the past 6 months, on February 21 we discovered that one of …
Posted in Security
Leave a comment
Important: cPanel & WHM 11.36, 11.34, and 11.32 Security Releases
cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having important security impact. Information on …
cPanel Security Team GNU Privacy Guard (GnuPG)
The cPanel Security Team uses a GNU Privacy Guard (GnuPG) key to secure communications. Mail sent to security@cpanel.net can be secured using our public key. GNuPG keys are also used to sign security advisories, and other public communications, issued by the cPanel Security Team. We expect to change the key …
cPanel Security Release 11.34.1.7
cPanel has published a new security release, 11.34.1.7, containing Rails and ProFTPd security fixes. We recommend that all affected customers on the CURRENT, RELEASE, and STABLE tiers update to 11.34.1.7 as soon as possible. This release addresses two major vulnerabilities with Ruby on Rails (CVE-2012-5664 and CVE-2013-0156) which are resolved …