Search found 33 matches
- Thu Jan 31, 2019 8:28 am
- Forum: DNS Server
- Topic: DNS Flag Day Affect to VestaCP | All domains managed by (Bind) VestaCP are going to STOP WORKING after the 2019
- Replies: 1
- Views: 4242
Re: DNS Flag Day Affect to VestaCP | All domains managed by (Bind) VestaCP are going to STOP WORKING after the 2019
ping
skurudo wrote:
imperio wrote:
- Thu Apr 12, 2018 3:53 pm
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 779114
Re: Got 10 VestaCP servers exploited
https://roundcube.net/news/2018/04/11/security-update-1.3.6 but i'm not sure how this can be exploited on Vesta servers, since 'archive' plugin is not activated by default, you must enable it manually by modifying config.inc.php . https://github.com/serghey-rodin/vesta/blob/master/install/rhel/7/ro...
- Thu Apr 12, 2018 3:46 pm
- Forum: Общие вопросы
- Topic: Возможная уязвимость в Vesta 0.9.8.19
- Replies: 236
- Views: 151630
Re: Возможная уязвимость в Vesta 0.9.8.19
Code: Select all
HEAD /webmail/
UPD: всё верно, это strict-ошибка из-за неправильного экстенда класса, к нам не относится
- Mon Apr 09, 2018 7:49 am
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 779114
Re: Got 10 VestaCP servers exploited
We need to format the servers and install again the vests cp from scratch, or the security update solves the problem that exists? Update only solves the security problem with authentication. If the server has already been infected, then it must either be reinstalled, or you need to manually cure it...
- Sun Apr 08, 2018 9:46 pm
- Forum: Общие вопросы
- Topic: Возможная уязвимость в Vesta 0.9.8.19
- Replies: 236
- Views: 151630
Re: Возможная уязвимость в Vesta 0.9.8.19
Если бы пароли сбрутили то была бы информация в логах auth.log об успешной авторизации логи можно затереть имея руут думаю как то все связанно с юзером админ пароль который генерируется к нему подходит для руут от бд записывается в многих файликах у меня есть такое мнение что сломали сервера только...
- Sun Apr 08, 2018 9:23 pm
- Forum: Общие вопросы
- Topic: Возможная уязвимость в Vesta 0.9.8.19
- Replies: 236
- Views: 151630
Re: Возможная уязвимость в Vesta 0.9.8.19
Если бы пароли сбрутили то была бы информация в логах auth.log об успешной авторизации
- Sun Apr 08, 2018 7:13 pm
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 779114
- Sun Apr 08, 2018 6:47 pm
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 779114
Re: Got 10 VestaCP servers exploited
https://www.virustotal.com/#/file/48343c96812d4513d7109cb2a2e74c2d983f04e9baf075a47b442fe08dbec825/detection This is for libudev.so, the infected version. We all know this and discussed it on the first pages of this topic. Also, many of us has given access to infected servers to developers, and the...
- Sun Apr 08, 2018 6:39 pm
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 779114
Re: Got 10 VestaCP servers exploited
However, According to log entries, our network IDS and IPS logs, and a few other tid bits this is the current working theory on our end. We certainly need more servers that have been affected to test with and investigate. Volunteers?????? Unfortunately, we cannot provide our servers simply because ...
- Sun Apr 08, 2018 6:36 pm
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 779114
Re: Got 10 VestaCP servers exploited
What's with your honeypot? Did you configured the logging of POST request?