(Dec 8) For the stable distribution (squeeze), these problems have been fixed in version 2.0.11-17. For the testing distribution (wheezy), these problems have been fixed in [More…]
Comment
(Dec 4) Updated kernel-rt packages that fix several security issues and multiple bugs are now available for Red Hat Enterprise MRG 2.2. The Red Hat Security Response Team has rated this update as having [More…]
Case 59926
Dec09
Case 59926
Summary
Multiple privilege escalation vulnerabilities due to the use of Storable for serialization
Security Rating
cPanel has assigned a Security Level of “Important” to this vulnerability.
Description
The Perl Storable module provides support for serialization and deserialization of Perl data structures. In cPanel & WHM this functionality is used for caching data to disk and transferring data between processes. In many areas this caching and interprocess communication crosses privilege separation boundaries.
The version of Storable used in previous releases of cPanel & WHM was unsuitable for this task for multiple reasons:
1. Serialized data was blessed into arbitrary packages as it was deserialized. This could be leveraged to perform unsafe actions in object destructors.
2. Serialized data was tied into arbitrary packages when it was deserialized. This could be leveraged to perform unsafe actions by tieing arbitrary data to sensitive package interfaces.
3. Storable attempted to load code as it deserialized data to create objects where it was lacking an existing class definition. This code loading could be leveraged to bypass normal @INC safety checks or to load security sensitive packages into the process performing the deserialization.
This vulnerability was discovered by the cPanel Quality Assurance Team.
Solution
This issue is resolved in the following builds:
* 11.34.0.10 and greater
* 11.32.5.14 and greater
* 11.30.7.3 and greater
Please update your cPanel & WHM system to one of the aforementioned versions or the latest public release available. A full listing of published versions can always be found at http://httpupdate.cpanel.net/.
Case 60203
Dec09
Case 60203
Summary
Password hashes truncated by 0×80 characters
Security Rating
cPanel has assigned a Security Level of “Moderate” to this vulnerability.
Description
cPanel & WHM relies on the Crypt::Passwd::XS Perl module to perform password hashing. This module suffers from the same vulnerability disclosed in CVE-2012-2143 where passwords with the 0×80 character are truncated when hashed using the DES crypt algorithm. cPanel & WHM systems are configured by default to use the stronger MD5 and SHA512 crypt password hashing algorithms.
This vulnerability was discovered by the cPanel Quality Assurance Team.
Solution
This issue is resolved in the following builds:
* 11.34.0.10 and greater
* 11.32.5.14 and greater
* 11.30.7.3 and greater
Please update your cPanel & WHM system to one of the aforementioned versions or the latest public release available. A full listing of published versions can always be found at http://httpupdate.cpanel.net/.
(Nov 30) Several security issues were fixed in the kernel.