Vesta Control Panel - Forum

Somebody know why I keep receiving e-mails from Cron Daemon with following ?

sudo: no tty present and no askpass program specified Sorry, try again.
sudo: no tty present and no askpass program specified Sorry, try again.
sudo: no tty present and no askpass program specified Sorry, try again.
sudo: 3 incorrect password attempts

I have disabled the reset password so the "forgot password" is not present at the login page!

Every time that happens, I am not able to login because the login page is just showing blank site.
I need to reset the root password to be able to login again..

It's not often I receive the messages, but when I do it keeps coming back within 20-30 min interval or so.

Could it be some kind of attack from a program or a person?

Have you checked your crontabs to see what scripts are running?

Also, when you create a user, there's an ability to give them shell access or not, perhaps someone is attempting to brute force your site?

Have you patched shellshock?

Thanks for the reply F41L

I'm not familiar with patching shellshock, could you guide me in the right direction (where in ubuntu to look etc)?

Actually I can see in the e-mail that I receive that it comes from: Cron <admin@domain> sudo /usr/local/vesta/bin/v-update-sys-queue backup

Is this giving you a better picture, or it's just to go ahead with paching shellshock?

UPDATE:

Actually I googled it and found a bash script to run in Ubuntu such as:
It gives the only output:
So following what the page told I am in this question already protected against at least the first vulnerability (CVE-2014-6271) or Bash is safe from Shellshock ? Correct me if i'm wrong?

On the contrary the page told that if it gives the output:
Then my server might be vulnerable to CVE.

Any other ideas?