ConfigServer Services Blog

New MailScanner Script v2.83

Changes:

  • Changes “no_message_logs” to “message_logs = false” for exim.conf so that the new cPanel v11.32 exim configuration editor doesn’t complain
  • New Mailscanner v4.84.3:http://www.mailscanner.info/ChangeLog

New cxs v2.44

Changes:

  • Added new –ignore [file] option pscript: – regex of web script to ignore
  • Set –options [P] ftp timeout to 10 seconds
  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions

New csf v5.43

Changes:

  • csf and lfd modified to better handle !lo interface for compatibility with newer iptables versions
  • Removed use of Sys::Hostname::Long
  • Added new options LF_APACHE_403 and LF_APACHE_403_PERM. This option will keep track of the number of “client denied by server configuration” errors in HTACCESS_LOG. If the number of hits is more than LF_APACHE_403 in LF_INTERVAL seconds then the IP address will be blocked. See csf.conf for more information

New cxs v2.43 (security fix)

SECURITY FIX. Anyone running cxs on a DirectAdmin server should upgrade to this release immediately:Changes:

  • Add check for successful open of admin.list on DA servers to avoid a segfault, which could lead to a buffer overflow

This issue is apparent on DirectAdmin servers only where this C wrapper is used.Note: cxs is not currently officially support on anything other than cPanel servers

New csf v5.42 (security fix)

SECURITY FIX. Anyone running csf on a DirectAdmin server should upgrade to this release immediately:Changes:

  • Add check for successful open of admin.list on DA servers to avoid a segfault, which could lead to a buffer overflow

This is in response to http://www.exploit-db.com/exploits/18225/This issue is apparent on DirectAdmin servers only where this C wrapper is used.

New cxs v2.42

Changes:

  • Fixed problem where dir: ignores where not being fully implemented in single file scans
  • Fixed problem where dir: and hdir: ignores where not being fully implemented by the cxs Watch daemon when auto-reloading an ignore file
  • Exploit fingerprint definitions database additions

New cxs v2.41

Changes:

  • Developed another new advanced PHP decoder for –decode ([D])
  • Fixed advanced decoder output formatting when using –decode [file]
  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions

New cxs v2.40

Changes:

  • Modifications to cxs Watch daemon so that it no longer needs to completely restart if changes to –xtra [file] are detected
  • Added detection and decoding of Hex encoding to advanced PHP decoders
  • Exploit fingerprint definitions database additions

New cxs v2.39

Changes:

  • Memory management and speedup improvements for cxs Watch Daemon
  • Improvements to advanced PHP decoders to –decode ([D])
  • Corrected cxs POD to read –upgrade instead of –update
  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions