New csf v2.67 – Major Security Fix – ConfigServer Services Blog

Changes:Security fix – A major security issue has been found (thanks to Jeff for informing us) in the LF_DIRWATCH code that can lead to arbitrary code being executed in the context of the user running lfd, i.e. root, if that option is enabled and a hacker has access to create a crafted filename in one of the watched directories. This update closes this hole.*ALL INSTALLATIONS SHOULD BE UPGRADED ASAP TO AVOID POTENTIAL EXPLOITATION*You can upgrade csf either through WHM or from the root shell using:

csf -u

New csf v2.67 – Major Security Fix

Useful Links

Commercial Products

Free Products and Guides