cPanel

Changes:

– Added new advanced PHP decoders for –decode ([D])
– Change main cxs Watch process name during startup while still starting
– Exploit regex definitions database additions
– Exploit fingerprint definitions database additions

Changes:

• Added two new advanced PHP decoders for –decode ([D])
• Exploit regex definitions database additions
• Exploit fingerprint definitions database additions

Changes:

• Modification to quarantine to ensure unique filenames
• Exploit regex definitions database additions
• Exploit fingerprint definitions database additions

Changes:

• Added new –ignore [file] option pscript: – regex of web script to ignore
• Set –options [P] ftp timeout to 10 seconds
• Exploit regex definitions database additions
• Exploit fingerprint definitions database additions

SECURITY FIX. Anyone running cxs on a DirectAdmin server should upgrade to this release immediately:Changes:

• Add check for successful open of admin.list on DA servers to avoid a segfault, which could lead to a buffer overflow

This issue is apparent on DirectAdmin servers only where this C wrapper is used.Note: cxs is not currently officially support on anything other than cPanel servers

Changes:

• Fixed problem where dir: ignores where not being fully implemented in single file scans
• Fixed problem where dir: and hdir: ignores where not being fully implemented by the cxs Watch daemon when auto-reloading an ignore file
• Exploit fingerprint definitions database additions