• Welcome to Web Hosting Community Forum for Webmasters - Web hosting Forum.
 
Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Topics - Kailash

#1
Issue Description:

In cPanel v120.0.12, cPanel has updated internal PHP version to PHP 8.3. When this update released, ionCube did not release supported loader for PHP 8.3.

Because of this, Softaculous and other scripts which depend on ionCube Loader, they are failing. cPanel has raised the internal case RE-532 with their developer team to address this.

Workaround:

If you are affected by this, you can refer the following guideline to apply the workaround while cPanel releases an update to address this:


Softaculous Not Working on cPanel v120.0.12
#2
Stackpath is closing everything. Following is their official announcement:

------------------------
After careful consideration, it has been decided to close all StackPath products and liquidate all assets for the benefit of our creditors.

Effective immediately, we will begin the decommissioning of all StackPath services. The services impacted include:

  • StackPath Edge Compute Services (VMs and Containers)
  • StackPath Authoritative DNS Services
  • StackPath Object Storage
  • StackPath Network Transit Services
  • StackPath Datacenter Colocation Services
  • Server Density Monitoring Services

For customers who have storage with Wasabi Cloud object storage product, Wasabi is prepared to move your account from StackPath managed to a direct account or assist you in moving to another reseller/partner as required. Please email [email protected] for assistance.

We understand the importance of these services to your operations and urge you to take immediate action to transition your services and copy all data off of our platform.

Action Required:
   
  • Move Services: Please begin transitioning your services to an alternative provider.
  • Backup Data: Ensure all your data is backed up from our platform.

Invoicing:

  • Customer invoicing was stopped on June 12, 2024.
  • Please pay any outstanding invoices using control.stackpath.com.

Support:

  • We are no longer offering technical support.
  • For questions regarding final invoices, please contact us at [email protected].

We deeply appreciate your business and regret any inconvenience this closure may cause. Thank you for your understanding and cooperation during this transition.

StackPath
------------------------------------------------------------

If you are using any service from StackPath, be sure to backup the data immediately.
#3
Sometime, we may need to scroll up/down a web page in Google Chrome for automation. You can do this without any third party Chrome extension. This is possible using the simple JavaScript code as follow:

To auto scroll UP a web page at regular interval:

  • Open Google Chrome and navigate to the web page you want to auto-scroll.
  • Open the Developer Tools by pressing Ctrl+Shift+I (Windows/Linux) or Cmd+Option+I (Mac).
  • Go to the Console tab.
  • Copy and paste the following JavaScript code into the console and press Enter:

setInterval(() => {
    window.scrollBy(0, window.innerHeight);
}, 60000);  // 60000 milliseconds = 1 minute

This script uses setInterval to execute the window.scrollBy function every 60 seconds (60000 milliseconds), scrolling the page by the height of the visible window each time. If you want to scroll by a different amount, you can adjust the second argument of window.scrollBy(0, window.innerHeight) to a specific number of pixels.

To auto scroll DOWN a web page at regular interval:

  • Open Google Chrome and navigate to the web page you want to auto-scroll.
  • Open the Developer Tools by pressing Ctrl+Shift+I (Windows/Linux) or Cmd+Option+I (Mac).
  • Go to the Console tab.
  • Copy and paste the following JavaScript code into the console and press Enter:

setInterval(() => {
    window.scrollBy(0, -window.innerHeight);
}, 60000);  // 60000 milliseconds = 1 minute

window.scrollBy(0, -window.innerHeight): This scrolls the page up by the height of the visible window (window.innerHeight). The negative value (-window.innerHeight) ensures that the page scrolls up.

Regards,
Kailash
#4
OceanWP WordPress theme is one of the most popular WordPress theme. There is a vulnerability identified in OceanWP <= 3.5.4 version as follow:

Vulnerability:

The OceanWP theme for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the load_theme_panel_pane function in all versions up to, and including, 3.5.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to expose sensitive information such as system/environment data and API keys.

It is recommended to upgrade your OceanWP theme as soon as possible to avoid any security issue in your website.

- Kailash
#5
PHP 7.4 is reached to end of life Today, 29th November 2022. That means there will be no official updates available for PHP 7.4 version. It's time to migrate to PHP 8.1.

https://www.php.net/supported-versions.php

Regards,
Kailash
#6
Web Hosting Offers / READ BEFORE POSTING OFFER
August 08, 2022, 10:28:01 AM
Hi WHD Members,

Before you post in web hosting offer section, kindly go through this post to avoid account restriction / ban:

  • To post an offer for your hosting company, your profile email address must match with the company for which you are posting offfers
  • You can post 1 offer in a week. If you frequently violate this, your account may lead to ban.
  • You cannot hijack other member's thread to post your own offer.
  • If we identify the false offer, your account can be restricted or ban.
  • If you are looking for the premium account to post 3 times a week, you can contact us for the premium membership.

Regards,
WHD Admin
#7
Critical vulnerability has been patched in popular SEO WordPress plugin All In One SEO. If you are using this plugin, you should upgrade to latest version as soon as possible.

Refer the following blog post for more information about this privilege escalation vulnerability:

https://www.webhostingdiscussion.net/blog/critical-vulnerability-all-in-one-seo-wordpres/

- Kailash
#8
After recent cPanel update to cPanel v98.0 on CloudLinux 6 server, clamd is failing as follow:


/scripts/restartsrv_clamd --start
Service "clamd" is already stopped.
[...............]
Startup Log
/usr/local/cpanel/3rdparty/bin/clamd: error while loading shared libraries: libpcre2-8.so.0: cannot open shared object file: No such file or directory

clamd has failed. Contact your system administrator if the service does not automagically recover.


This is due to a missing shared library object (libpcre2-8.so.0) file that is required by ClamAV which you can confirm by this:
ldd /usr/local/cpanel/3rdparty/bin/clamd
[...............]
libz.so.1 => /lib64/libz.so.1 (0x00007f64ae2db000)
libpcre2-8.so.0 => not found
libm.so.6 => /lib64/libm.so.6 (0x00007f64ae056000)
[...............]


The libpcre2-8.so.0 shared library file is provided by the pcre2 package. However that package fails to be installed as a dependency when ClamAV is installed on the server.

Workaround

To get around this issue, you can manually install the missing package and then restart ClamD:

yum install pcre2

/scripts/restartsrv_clamd --start
#9
Forex market is one of the largest financial market. Anyone can invest and trade in Forex market from anywhere. You just need a system which is connect during Forex market days/hours.

Usually it is preferred to find Forex VPS Hosting provider and get a VPS to run it as Forex Trading. We have comprehensive list of Forex VPS hosting provider in our blog. That can help you to select right provider for your Forex trading.

For more details, kindly refer our following blog:

Best Forex VPS Hosting for Uninterrupted Trading

Regards,
Kailash
#10
Microsoft has released a security update to address a critical vulnerability in Windows Print Spooler. The vulnerability called "PrintNightmare," that was discovered last week, allows attackers to remotely execute malicious code with system privileges and install programs, make changes in the existing programs, and create new accounts with full user rights.

Fore more details, you can refer Microsoft's official website:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527

It is strongly recommended to apply this security update in your desktop or server as soon as possible.

- Kailash
#11
Astra Premium WordPress theme is giving 25% discount on 4th July Independence day sale. This is limited time offer so it is right time to grab your 25% discount.

Fore more details, 4th of July Independence Day Sale! - Save 25% - Limited Time Offer

Astra WordPress theme offers three different editions and you can select as per your need.

- Kailahs
#12
xpertDNS announced that they are closing the business on May 15, 2021. They announced as follow:

------------------------------------------
We want to inform you that we shall be closing our company Xpert Group Technologies, Inc from May 15, 2021 onwards. We are not taking any more orders and user data will be user data will be deleted on that date.

For the past 15 years that we have been in business it was our sincere effort to offer excellent customer service to our customers, and we hope we were successful in our endeavors.

We request you to contact us in case you need any explanation for any issue.

ACTION REQUIRED:

    DNS Zones will need to be migrated to another hosting provider. ( Zones can be exported from the DNS Manager using "Zone Export". )
    Domains no longer use our name servers.
    If you have a domain registered through us, you will need to transfer to a new registrar before May 15, 2021 as we will not be processing domain renewals.

Yours Sincerely,
------------------------------------------

If you are using xpertDNS, you will need to find the alternative DNS provider to avoid any service outage.

- Kailash
#13
Salesforce faced a service outage on May 12, 2021 and it was confirmed by them on Twitter:

https://twitter.com/parkerharris/status/1392253069690343424

@salesforce is experiencing a major disruption due to what we believe is a DNS issue causing our service to be inaccessible. We recognize the significant impact on our customers and are actively working on resolution.

As per their status page, all services were restored and operational. For more information, you can refer the status:

https://status.salesforce.com

Regards,
Kailash
#14
ElegentThemes is offering 20% OFF on WordPress Divi theme as a part of their "Anniversary Sale". This is a good time to buy this theme if you are looking for a multi-purpose WordPress premium theme.

#15
WHMCS has release WHMCS 8.0 in release candidate now. This should be available for production release within next few days. To check what's New in WHMCS, refer our blog post on WHMCS 8.0 Release Candidate.

Thanks you!
#16
CVE-2020-1530 and CVE-2020-1537 – Windows Remote Access Elevation of Privilege Vulnerability

Microsoft has recently released a security update for all supported operating systems. An elevation of privilege vulnerability exists when Windows Remote Access improperly handles memory.

To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.

The security update addresses the vulnerability by correcting how Windows Remote Access handles memory. A privilege elevation vulnerability (CVE-2020-1530 and CVE-2020-1537) affects all supported versions of Windows server so far.  This vulnerability exists when Windows Remote Access improperly handles memory or file operations. The exploit requires an attacker to have execution capabilities on the victim system. Systems hosting websites or with web-accessible services are particularly vulnerable.

For more information refer the following URL:

https://www.webhostingdiscussion.net/blog/cve-2020-1530-cve-2020-1537/

- Kailash
#17
Microsoft DNS servers are affected by critical security vulnerability. There is remote code execution vulnerability exists in all DNS servers used in Windows Server 2008 and higher operating system. Microsoft has released an update for Windows Server 2012, Windows Server 2012 R2, Windows server 2016 and Windows server 2019. They have released an update for end of life operating system Window Server 2008 R2 but it looks like it is available to those users who have opted their paid addon to continue use Windows Server 2008 R2.

A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account. Windows servers that are configured as DNS servers are at risk from this vulnerability.

For more information, refer CVE-2020-1350 Windows DNS Server Remote Code Execution Vulnerability.

- Kailash
#18
Hi,

If you have recently applied .Net updates on your Microsoft Windows server, it may break "Web sites" section in your SolidCP. SolidCP has yet not releases official update but there is a work around to fix this issue. It requires to edit your portal's web.config file to apply workaround. For more details, you can refer our KB on SolidCP Error in Web Sites section after Windows updates.

- Kailash
#19
Vulnerabilities / SMF 2.0.17 Released
December 31, 2019, 06:03:12 PM
Simple Machines has released a new patch to the 2.0.x line of SMF, bringing our latest release version to 2.0.17.

We consider this patch to be of crucial importance, as it includes an important fix for a critical bug that was introduced in SMF 2.0.16.

  • Fixes a bug that could cause SMF 2.0.16 to start consuming significant amounts of CPU-resources when the RSS function was used.
  • Eliminates some deprecated function warnings when using SSI.php on PHP 7.2+.


Please see the changelog for more information.

Since SMF 2.0.17 is essentially what 2.0.16 was intended to be and 2.0.16 was released only a few days ago, we are including a (slightly updated) version of the SMF 2.0.16 announcement for your convenience:

SMF 2.0.16 contained important security and bug fixes, as well as support for the European Union's General Data Protection Regulation (GDPR) requirements. We recommend updating as soon as possible.

Notable changes in 2.0.16 & 2.0.17

  • Support for privacy policy in addition to registration agreement
  • GDPR Compliance toggle in Core Features
   Enabling this configures multiple settings and new features to comply with the GDPR, including:
  • Requiring members to accept the current privacy policy in order to use the forum
  • Asking during registration whether the new member wants to receive announcements via email
  • Enabling token-based unsubscribe links in emails so members can unsubscribe without logging in
  • Allowing members to download a copy of their profile information
  • Adjusting the behaviour of a number of other features in minor ways as necessary
  • PHP 7.2 support
  • Improved security hashes for the image proxy
  • Improved security for the login cookie
  • Assorted other security improvements
  • Various improvements for both the installer and upgrader
#20
Vulnerabilities / SMF 2.0.16 Released
December 31, 2019, 05:59:46 PM
Simple Machines has released a new patch to the 2.0.x line of SMF, bringing our latest release version to 2.0.16.

We consider this patch to be of crucial importance, as it includes important security and bug fixes, as well as support for the European Union's General Data Protection Regulation (GDPR) requirements. We recommend updating as soon as possible.

Notable changes in 2.0.16

  • Support for privacy policy in addition to registration agreement
  • GDPR Compliance toggle in Core Features
   Enabling this configures multiple settings and new features to comply with the GDPR, including:
  • Requiring members to accept the current privacy policy in order to use the forum
  • Asking during registration whether the new member wants to receive announcements via email
  • Enabling token-based unsubscribe links in emails so members can unsubscribe without logging in
  • Allowing members to download a copy of their profile information
  • Adjusting the behaviour of a number of other features in minor ways as necessary
  • PHP 7.2 support
  • Improved security hashes for the image proxy
  • Improved security for the login cookie
  • Assorted other security improvements
  • Various improvements for both the installer and upgrader

Please see the changelog for more information.


IMPORTANT NOTES:

  • If you are using the GDPR Helper mod, you should follow these steps:
  • Back up your existing privacy policy text to a file somewhere
  • Update the GDPR Helper mod to its latest version
  • Uninstall the GDPR Helper mod
  • Install the SMF 2.0.16 patch

All users, including the admin, will need to log in again after 2.0.16 has been installed.

How to update to 2.0.16

If you are running version 2.0.15, you can update your forum to the latest version by using the package manager. You should see the update notification in the admin panel notifications and in the package manager, which will allow you to download and install the patch seamlessly.  If you do not see the notification about the patch, please run the scheduled task "Fetch Simple Machines files" from the Scheduled Tasks page (Admin > Maintenance > Scheduled Tasks).

If you use older versions of SMF, you can upgrade directly to 2.0.15 from whichever version you are currently using by using the "Large Upgrade" package from the Download page. Be aware that using this upgrade method will require you to reinstall any customizations that you have added to your forum, so if you are running a version of the 2.0.x series, it is recommended that you apply the successive patches instead of using the Large Upgrade.

If you are having problems downloading the patch from the admin panel, you can download the patch package from the Package Manager Updates page and install it via the Package Manager, as you would any other mod package.

Please refer to the Online Manual for more details about patching and upgrading.
#21
After upgrade to CURL version 7.67.0, you may receive the following error:

CURL Error: 56 - OpenSSL SSL_read: Success

Usually WHMCS and Enom users are reporting the above error. If you are using cPanel, you can downgrade the CURL version to fix this. You can execute following command on a cPanel server to downgrade the version:

yum downgrade ea-libcurl ea-libcurl-devel

Make sure that you restart Apache service. Also, if you are using litespeed, Apache-fpm, nginx etc., make sure you restart those services as well.

Regards,
Kailash
#22
Vulnerabilities / cPanel TSR-2019-0006 Full Disclosure
November 20, 2019, 03:37:30 PM
SEC-499

Summary

Authentication bypass due to variations in webmail username handling.

Security Rating

cPanel has assigned this vulnerability a CVSSv3.1 score of 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

The process used to normalize and validate webmail account names was not consistent across different authentication subsystems. Because of these discrepancies, authenticated cPanel users could gain access to other cPanel and Webmail accounts on the system.

Credits

This issue was discovered by the cPanel Security Team.

Solution

This issue is resolved in the following builds:
11.84.0.10
11.82.0.18
11.78.0.43



SEC-508


Summary

Account suspension bypass via virtual mail accounts.

Security Rating

cPanel has assigned this vulnerability a CVSSv3.1 score of 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N

Description

The authentication logic for some subsystems relied entirely on data stored in the cPanel account's home directory for the enforcement of account suspensions. A cPanel user could take advantage of this behavior to retain access to virtual email accounts after the user's system account was suspended.

Credits

This issue was discovered by the cPanel Security Team.

Solution

This issue is resolved in the following builds:
11.84.0.10
11.82.0.18
11.78.0.43



SEC-516


Summary

Authentication bypass due to faulty password file format parsing.

Security Rating

cPanel has assigned this vulnerability a CVSSv3.1 score of 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

The functions in cPanel & WHM that handled password and shadow file lookups did not enforce the constraints of this file format. This behavior could be misused by authenticated attackers to gain access to other accounts on the system.

Credits

This issue was discovered by the cPanel Security Team.

Solution

This issue is resolved in the following builds:
11.84.0.10
11.82.0.18
11.78.0.43



SEC-520


Summary

Self-XSS due to faulty JSON string escaping.

Security Rating

cPanel has assigned this vulnerability a CVSSv3.1 score of 4.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N

Description

The escaping method used for some JSON string interpolation in cPanel & WHM interface templates did not escape all possible character combinations unambiguously.

Credits

This issue was discovered by the cPanel Security Team.

Solution

This issue is resolved in the following builds:
11.84.0.10
11.82.0.18
11.78.0.43



SEC-525

Summary

Cpanel::Rand::Get can produce predictable output.

Security Rating

cPanel has assigned this vulnerability a CVSSv3.1 score of 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

Description

When the /dev/urandom device is not initialized, Cpanel::Rand::Get initializes Perl's random number generation with data from the server's environment. This data could be predictable and when used as a seed, could cause predictable random numbers to be generated.

Credits

This issue was discovered by the cPanel Security Team.

Solution

This issue is resolved in the following builds:
11.84.0.10
11.82.0.18
11.78.0.43



SEC-531


Summary

MySQL dump streaming allowed reading all databases.

Security Rating

cPanel has assigned this vulnerability a CVSSv3.1 score of 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Description

The MySQL database dump streaming functionality passed database names to the mysqldump binary in an ambiguous fashion. An authenticated attacker could misuse this behavior to read all databases on the system.

Credits

This issue was discovered by the cPanel Security Team.



Solution



This issue is resolved in the following builds:
11.84.0.10
11.82.0.18



SEC-532


Summary

Root chown on arbitrary paths in cPanel log processing.

Security Rating

cPanel has assigned this vulnerability a CVSSv3.1 score of 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

Description

When processing logs to calculate bandwidth, symlinks to the processed logs are created in the user's home directory. An attacker can intercept this process to cause the ownership of an arbitrary file to be changed to the attacking user.

Credits

This issue was discovered by the cPanel Security Team.

Solution

This issue is resolved in the following builds:
11.84.0.10
11.82.0.18
11.78.0.43



SEC-533


Summary

Stored XSS Vulnerability in WHM Backup Restoration.

Security Rating

cPanel has assigned this vulnerability a CVSSv3.1 score of 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Description

Error messages displayed in the WHM Backup Restoration interface were not adequately encoded. Due to this, it was possible for an attacker to inject arbitrary code into the rendered page.

Credits

This issue was discovered by the cPanel Security Team.

Solution

This issue is resolved in the following builds:
11.84.0.10
11.82.0.18
11.78.0.43



SEC-534


Summary

WebDAV authentication bypass due to faulty connection sharing logic.

Security Rating

cPanel has assigned this vulnerability a CVSSv3.1 score of 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Description

Client authentication was not validated correctly when multiple WebDAV clients connected to the cpdavd daemon through a proxy server. Subsequent requests in a keepalive connection could inherit the authentication of prior requests.

Credits

This issue was discovered by Martin Rouf.

Solution

This issue is resolved in the following builds:
11.84.0.10
11.82.0.18
11.78.0.43


For the PGP-signed message, please see: https://news.cpanel.com/wp-content/u...ure.signed.txt.
#23
Notification from cPanel:

------------------

Today we are excited to announce that we're shifting to an account based pricing and licensing structure and to share what that means for your relationship with cPanel. We aim to simplify the process of adding new servers, make it easier to become a cPanel customer, and provide value to a broader group of users.
Introducing Account Based Pricing

The hosting industry has changed a lot in the last 20 years, and has long out-grown the licensing and pricing structure that we have used at cPanel. Effective immediately, cPanel's license structure and the way we price our products is changing. Our pricing and licensing structure will now be standardized for all of our customers and include multiple Tiers. This new structure defines the price of each license based on the number of Accounts hosted on the server, reflecting the value received by the owner; now, customers pay for only what they use. On September 1st, 2019, we will introduce Auto-Scaling Packages, Fixed Packages, and transition all existing monthly licenses to the new account based pricing and licensing structure.
-------------------------------------------------
There will be no unlimited domains license now and pricing will be affected to all providers who are offering unlimited domains hosting. Now, you will have to pay $$$ instead of few bucks for cPanel license and most of the providers are now already started looking for the alternative.

New pricing are mentioned on their website:

https://www.cpanel.net/pricing/

- Kailash
#24
Vulnerabilities / Docker vulnerability - May 2019
June 21, 2019, 02:30:39 PM
All versions of Docker are currently vulnerable to a race condition that could give an attacker both read and write access to any file on the host system. Proof-of-concept code has been released.

https://www.bleepingcomputer.com/news/security/unpatched-flaw-affects-all-docker-versions-exploits-ready/

For complete CVE for Doker, refer the following URL:

https://www.cvedetails.com/vulnerability-list/vendor_id-13534/product_id-28125/Docker-Docker.html

- Kailash
#25
TCP SACK PANIC - Kernel vulnerabilities - CVE-2019-11477, CVE-2019-11478 & CVE-2019-11479

A vulnerability targeting the networking stack in linux servers running kernel 2.6.29 or newer has been discovered that allows for Networking denial-of-service of varying severity, leveraging TCP "Selective Acknowlegment" (SACK).

Because the vulnerability requires absolutely no authentication, it could be used to deny networking indefinitely to any linux server using an unpatched kernel released in the last 10 years.

You can read more about the exploit (and patches mitigating it), here: https://www.openwall.com/lists/oss-security/2019/06/17/5 and here https://access.redhat.com/security/vulnerabilities/tcpsack

Centos 5 hosts and older cannot be updated due to lack of support, so it requires disabling SACK on them. 

- Kailash
#26
Windows / Windows Server 2008 R2 End Of Life and Upgrade
November 15, 2018, 01:48:48 PM
Windows Server 2008 R2 will reach to end of life on January 14, 2020. That means, you will not get any updates including security updates after this date. It is essential that you migrate your existing Windows Server 2008 R2 to higher version. There are two option available as follow:

[1] Perform in-place upgrade from Windows Server 2008 R2 to Windows Server 2012 R2

If you wish to retain your existing data and settings, you can attempt to perform in-place upgrade. You can refer our following KB that will help you to perform in-place upgrade:

Upgrade Windows Server 2008 R2 to Windows Server 2012 R2

[2] Migration to another server with higher operating system (Windows Server 2012 R2 or Windows Server 2016)

You can setup a new server with higher operating system (Windows Server 2012 R2 or Windows Server 2016) and then manually migrate your data from old Windows Server 2008 R2.

- Kailash
#27
============================================================
           Product: VMware ESXi, Workstation & Fusion
               URL: https://www.vmware.com
        CVE Number: CVE-2018-6981
          Priority: Critical
              Date: 2018-11-09
============================================================

Vulnerability Description:
-------------------------

VMware ESXi, Fusion and Workstation contain uninitialized stack memory usage in the vmxnet3 virtual network adapter. This issue may allow a guest to execute code on the host. The issue is present if vmxnet3 is enabled. Non vmxnet3 virtual adapters are not affected by this issue.

Reference(s):
------------

https://www.vmware.com/security/advisories/VMSA-2018-0027.html
#28
============================================================
           Product: Nginx
               URL: http://nginx.org
        CVE Number: CVE-2018-16843, CVE-2018-16844, CVE-2018-16845
            Impact: Low / Medium
              Date: 2018-11-10
============================================================

Product Description:
-------------------

nginx [engine x] is an HTTP and reverse proxy server, a mail proxy server, and a generic TCP/UDP proxy server, originally written by Igor Sysoev. For a long time, it has been running on many heavily loaded Russian sites including Yandex, Mail.Ru, VK, and Rambler. According to Netcraft, nginx served or proxied 25.28% busiest sites in October 2018.

Vulnerability Description:
-------------------------

Two security issues were identified in nginx HTTP/2 implementation, which might cause excessive memory consumption (CVE-2018-16843) and CPU usage (CVE-2018-16844).

A security issue was identified in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file (CVE-2018-16845).

Reference(s):
------------

http://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html

http://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html
#29
VestaCP infrastructure server was compromised and attackers were able to modify their installation script to log IP address and password in addition to distro name which was used to collect stats.

If you are using VestaCP, you should change your server password immediately and upgrade your installation to latest version as soon as possible. Also, you should audit your server as well. It is possible that your server is infected by malware.

You can refer the following URL for the detailed information:

https://www.welivesecurity.com/2018/10/18/new-linux-chachaddos-malware-distributed-servers-vestacp-installed/
#30
Summary

XSRF/CSRF vulnerability in phpMyAdmin

Description

By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc.

Severity

We consider this vulnerability to be critical.

Affected Versions

Versions 4.7.x (prior to 4.7.7) are affected.

Unaffected Versions

Versions older than 4.7.0 are not affected.

Solution

Upgrade to phpMyAdmin 4.7.7 or newer.

For more information, kindly refer their official notification from the following URL:

https://www.phpmyadmin.net/security/PMASA-2017-9/