Chirpy

Chirpy

  • Joined: 25th June 2013
  • Articles: 1502

New csf v6.23

Changes: Security – added new option RESTRICT_UI. This options restricts the ability to modify settings within csf.conf from the csf UI. Should the parent control panel be compromised, these restricted options could be used to further compromise the server. This…

New cxs v3.04

Changes: Security – Fixed file view from quarantine – reported by Rack911 Security – Further improved UI form data sanitisation Bolstered the UI warning with regard to disabling Restricted Mode  

New cxs v3.03

Changes: Fixed broken UI items Improvements to the ignore logic Improved UI form data sanitisation Exploit fingerprint definitions database additions  

New MailScanner Front-End v4.43

Changes: Fixed location of msfe.div in WHM UI Sanitised user data input to prevent running unauthorised commands via the UI. A user would require root access to exploit this, so risk is low Changed backtick calls to use Open3

New cxs v3.02

Changes: Security – Added UI Restricted Mode which is enabled by default. This disables features in the UI that could allow abritrary commands to be run as root and system files to be overwritten. To enable unrestricted access to the…

New cxs v3.01

Changes: Implement slurp routine for configuration files to cater for incorrect linefeeds Improvements to forced quarantine feature within –xtra [file] and updated instructions provided in cxs.xtra.example Security – Quarantine improvements Exploit fingerprint definitions database additions

New cmm v1.22

Changes: Sanitised user data input to prevent running unauthorised commands via the UI. A user would require root access to exploit this, so risk is low Changed backtick calls to use Open3