Network Solutions allowed a fraudster to register a deceptive domain name earlier this week: secure-chaseonline.com. Network Solutions also issued a valid SSL certificate for the domain, which was used for a phishing attack which targeted customers of Chase Bank. Phishing attack targeting Chase bank on secure-chaseonline.com The phishing site added further credibility to the attack by using […]
SUMMARY The Apache HTTPD Server Project have released httpd-2.2.25 and httpd-2.4.6 to correct multiple vulnerabilities that were issues CVE’s. Apache HTTP Server 2.2.25 CVE-2013-1896 mod_dav: Sending a MERGE request against a URI handled by mod_dav_svn with the source href (sent as part of the request body as XML) pointing to …
Certificate revocation checking is an essential part of any connection to an SSL site; without it, an attacker can impersonate an SSL site with a compromised certificate until it expires of its own accord — an event which may be 5 years away — even if the issuer of the certificate (the certificate authority, or […]
The following new features have been implemented:
[+] Staff member accounts for administrators. Administrators can create staff member accounts – accounts with limited administrative permissions. Owners of such accounts can help administrators with certain tasks allowed by their permissions.
[+] Adding new language packs. Administrators can add support of new languages to PPA by uploading new language packs.
Millions of websites and billions of people rely on SSL to protect the transmission of sensitive information such as passwords, credit card details, and personal information with the expectation that encryption guarantees privacy. However, recently leaked documents appear to reveal that the NSA, the United States National Security Agency, logs very high volumes of internet […]
6/18/2013 Houston, TX- cPanel, Inc. announces the impending release of cPanel & WHM software version 11.38. cPanel & WHM software release 11.38, is anticipated to move to the STABLE tier the week of June 24, 2013. This release offers significant improvements to SSL Management and Backups. It also provides enhancements …
6/10/2013 Houston, TX- cPanel, Inc. announces the release of cPanel & WHM software version 11.38. cPanel & WHM software release 11.38, which goes to the RELEASE tier today, offers significant improvements to SSL Management and Backups. It also provides enhancements to jail shell, email auto configuration, and more. Improved SSL …
The Malaysian government’s Police Portal (Johor Contingent) is currently hosting a phishing attack against PayPal on its secure website https://www.polisjohor.gov.my (Site Report). Phishing sites using SSL certificates can piggyback on the trust instilled by browser indicators, such as the padlock icon, to trick potential victims into revealing sensitive information such as their username and password. […]
Rank Company site OS Outagehh:mm:ss FailedReq% DNS […]
Despite the inconsistent treatment of certificate revocation by browsers, providing reliable revocation information is an integral part of operating a trustworthy certificate authority (CA) and a well-accepted requirement of Mozilla’s CA root program. However, there are presently thousands of certificates in use which are irrevocable in some major browsers, and hundreds in those browsers which […]
5/7/2013 Houston, TX- cPanel, Inc. announces the release of cPanel & WHM software version 11.38. cPanel & WHM software release 11.38, which releases to the CURRENT tier today, offers significant improvements to SSL Management and Backups. It also provides enhancements to jail shell, email auto configuration, and more. Improved SSL …
(May 2) Stunnel, a program designed to work as an universal SSL tunnel for network daemons, is prone to a buffer overflow vulnerability when using the Microsoft NT LAN Manager (NTLM) authentication (“protocolAuthentication = NTLM”) together with the ‘connect’ protocol [More…]
Creating a CSR from WHM is a very simple. A Certificate Signing request, is given to a certificate authority, to issue a signed and verified SSL. The secure socket layer certificate is used on web servers to encrypt data that […] ↓ Read the rest of this entry…
The following new functionality has been added:
[+] (Linux only) Support for mailnames with apostrophe symbol has been added (28985)
[+] CentOS 5.9 support has been added.
The following bug has been fixed:
[-] MySQL databases with views can’t be restored (121083)
[-] (Linux only) Unable to assign SSL certificates to dedicated IPs for migrated customers (98328)
[-] Empty error message in response at license key rollback via API-RPC.
(Nov 10) Ralf Paffrath reported that Radsecproxy, a RADIUS protocol proxy, mixed up pre- and post-handshake verification of clients. This vulnerability may wrongly accept clients without checking their certificate chain under certain configurations. [More…]
Plesk Panel 10.2 MU#2 for Linux and Windows – Product functional fixes – is available since Apr 14, 2011 through the Autoinstaller
[-] The coupon usage count did not increase if the coupon was applied in online stores.
[-] The form for entering SSL certificate details was not displayed in online stores if a customer ordered a domain name first, then clicked to continue shopping, and finally added an SSL certificate to the order.
[-] Customers failed to apply coupons with the percentage discount to add-ons in cart; instead of a store page, Business Manager displayed the “Store temporary unavailable” page.
[-] Fixed taxes were displayed as applied twice in online stores.
[-] The ordering procedure was successfully completed for customers with prohibited e-mail addresses even if the option “Deny subscriptions from ‘free’ e-mail addresses” was selected.
[-] The e-mail that informed a customer to provide additional details for SSL certificate issuing was sent only once.
[-] The header layout in online store was broken under Internet Explorer 7.
[-] The “State” field in the contact information form was required to fill in online stores even for countries that did not have states.
[-] Custom questions were not displayed in online stores.
[-] Customers could skip attaching add-ons even if the “None”option in the add-ons list was unavailable.
[-] The form for entering domain contacts information was not displayed if a customer added a new domain name from the order confirmation page.
[-] All hosting plans were marked as “Not for sale” if the only accepted way to add domain names was the domain transfer.
56 queries. 9.25 mb Memory usage. 0.341 seconds.