ConfigServer Services Blog

New cxs v2.10

Changes:

  • Fixed a SECURITY BUG in Quarantine file restore which could result in root privilege escalation. The destination restore file must not now exist before restoring will work. Our thanks to Jeff Petersen for reporting this issue
  • All cxs users should upgrade to this release immediately

New csf v5.30

Changes:

  • Fixed a SECURITY BUG that can be exploited remotely via log file spoofing resulting in root privilege escalation. Our thanks to Jeff Petersen for reporting this issue
  • All csf users should upgrade to this release immediately

New cxs v2.09

Changes:

  • New –options [R]. It will trigger a match for the inbuilt regex used by –options [D] when decoding PHP encoded (base64, etc) scripts
  • Improvements to –decode ([D]) option so that both the last and the penultimate decode level are both scanned
  • Added improved code for dropping privileges to the “nobody” user while running the interactive php interpreter as root
  • Ensure Quarantine only works on files
  • Updated UI text for options
  • Removed duplicated regex definitions from the database now that –options [R] has been added. Be sure to add R to your –options lists if you specify them if you still want to trap these.

New cxs v2.08

Changes:

  • Removed code that dropped privileges to the “nobody” user while running the interactive php interpreter as it broke subsequent scanning at depth
  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions

New csf v5.22

Changes:

  • New feature: Connection Limit Protection (CONNLIMIT, CONNLIMIT_LOGGING). This option configures iptables to offer more protection from DOS attacks against specific ports. It can also be used as a way to simply limit resource usage by IP address to specific server services. This option limits the number of concurrent new connections per IP address that can be made to specific ports. See csf.conf and readme.txt for more information and about the format of the CONNLIMIT option and its limitations
  • Minor csf UI Firewall Configuration virtual pagination improvements
  • Updated cPanel Server Check update settings for v11.30+
  • Removed cPanel Server Check for new versions due to changes in the v11.30+ versioning system making this redundant
  • Updated MySQL Server Check for v5.1.*
  • Added a warning to csf.conf for SYNFLOOD to only enable the option if you know you are under a SYN flood attack as it will restrict all new connection to the server if triggered

New cxs v2.07

Changes:

  • Improvements to –decode ([D]) option
  • New Feature – Added daily check for new Exploit Fingerprints. If cxs is scheduled to check for a new version daily, an additional check for new Exploit Fingerprints released since the last cxs version is performed. These will be downloaded and used on subsequent scans
  • Exploit fingerprint definitions database additions

New MailScanner Script v2.82

Changes:

  • Added hook for new msfe option to continue MailScanner if clamd stopped
  • “Spam List” setting now defaults to an blank setting on new installations – this is best done in the cPanel exim configuration
  • “Max Spam Check Size” now defaults to 600k on new installations

New MailScanner Front-End (MSFE) v4.33

Changes:

  • Modified MailWatch.pm to silence the spurious “commit ineffective with AutoCommit enabled” messafe on MailScanner restart
  • Added virtual pagination to MailScanner Configuration WHM UI
  • Modified the WHM UI presentation
  • Added new option to WHM UI which allows you to toggle whether MailScanner stops (loops) or continues if clamd is not running
  • Removed the need to go into MSFE WHM UI and save settings on install

New cmm v1.16

Changes:

  • When any delete/empty action is performed any local maildirsize file is removed to force free maildir space rebuild
  • Added SpamAssassin SA Learn button to learn spam against a directory if our MailScanner script is installed