Server Software and Configuration Services
Changes: Fixed a SECURITY BUG in Quarantine file restore which could result in root privilege escalation. The destination restore file must not now exist before restoring will work. Our thanks to Jeff Petersen for reporting this issue All cxs users…
Changes: Fixed a SECURITY BUG that can be exploited remotely via log file spoofing resulting in root privilege escalation. Our thanks to Jeff Petersen for reporting this issue All csf users should upgrade to this release immediately
Changes: New –options [R]. It will trigger a match for the inbuilt regex used by –options [D] when decoding PHP encoded (base64, etc) scripts Improvements to –decode ([D]) option so that both the last and the penultimate decode level are…
Changes: Removed code that dropped privileges to the “nobody” user while running the interactive php interpreter as it broke subsequent scanning at depth Exploit regex definitions database additions Exploit fingerprint definitions database additions
Changes: New feature: Connection Limit Protection (CONNLIMIT, CONNLIMIT_LOGGING). This option configures iptables to offer more protection from DOS attacks against specific ports. It can also be used as a way to simply limit resource usage by IP address to specific…
Changes: Improvements to –decode ([D]) option New Feature – Added daily check for new Exploit Fingerprints. If cxs is scheduled to check for a new version daily, an additional check for new Exploit Fingerprints released since the last cxs version…
Changes: Fixed issue with licensing introduced in v4.33
Changes: Added hook for new msfe option to continue MailScanner if clamd stopped “Spam List” setting now defaults to an blank setting on new installations – this is best done in the cPanel exim configuration “Max Spam Check Size” now…
Changes: Modified MailWatch.pm to silence the spurious “commit ineffective with AutoCommit enabled” messafe on MailScanner restart Added virtual pagination to MailScanner Configuration WHM UI Modified the WHM UI presentation Added new option to WHM UI which allows you to toggle…
Changes: When any delete/empty action is performed any local maildirsize file is removed to force free maildir space rebuild Added SpamAssassin SA Learn button to learn spam against a directory if our MailScanner script is installed