Search found 26 matches
- Sun Apr 08, 2018 2:30 pm
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 736720
Re: Got 10 VestaCP servers exploited
@dpeca brother found out this https://github.com/serghey-rodin/vesta/blob/b2e75d89b763cc82d12696bceceda20199b22716/web/api/index.php#L71 Unescaped. I don't think the issue is there since it cannot be executed if the session is not validated. I am more concerned with password field escaping since it will be ...
- Sun Apr 08, 2018 2:09 pm
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 736720
Re: Got 10 VestaCP servers exploited
$v_password = tempnam("/tmp","vst");
$fp = fopen($v_password, "w");
fwrite($fp, $_POST['password']."\n");
fclose($fp);
$v_ip_addr = escapeshellarg($_SERVER["REMOTE_ADDR"]);
exec(VESTA_CMD ."v-check-user-password ".$v_user." ".$v_password." '".$v_ip_addr."'", $output, $auth_code);
unlink($v_password)...
- Sun Apr 08, 2018 1:50 pm
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 736720
Re: Got 10 VestaCP servers exploited
I've noticed some brute force attacks from those Chinese IPs prior to exploiting the server
2018-04-04 10:15:29 v-add-firewall-chain 'FTP'
2018-04-04 10:15:29 v-add-firewall-ban '119.39.93.206' 'FTP'
2018-04-04 10:25:30 v-delete-firewall-ban '119.39.93.206' 'FTP'
2018-04-04 17:14:20 v-add-firewall-c...
- Sun Apr 08, 2018 12:09 pm
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 736720
Re: Got 10 VestaCP servers exploited
I've got a bunch of strangely named files here, created on April 3rd and 4th
- Sun Apr 08, 2018 11:59 am
- Forum: General Discussion
- Topic: Got 10 VestaCP servers exploited
- Replies: 548
- Views: 736720
Re: Got 10 VestaCP servers exploited
Hi, I just sent access to read-only FTP to info@vestacp.com. My server is on OVH and it's in rescue64-ftp mode. Haven't contacted them yet. Has anyone been able to reactivate the server on OVH? I am still waiting to get to the bottom of the issue so that when I contact them I know the exact details of the issue.
- Thu Nov 17, 2016 2:31 pm
- Forum: Web Server
- Topic: phpmyadmin issue
- Replies: 6
- Views: 7175
Re: phpmyadmin issue
I managed to create a workaround. The issue is related to case-sensitive directory naming. In /etc/nginx/conf.d/phpmyadmin.inc you can see the following line:
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { root /usr/share/; }
Webserver root is /usr/share/ and there is fold...