News » Security » Page 10


News for security updates for web hosting industry

HostBill Version 02-09-2014 released

HostBill is a complete client management, billing and support  system used by many web hosting companies. Recently they have released an update to address few bug fixes and new features. Following are the list of features and bug fixes address in HostBill Version 02-09-2014: Features: Added option to sort Knowledge base categories and articles. Added …

HostBill Version 02-09-2014 released Read More »

EasyApache 3.26.7 Released

cPanel, Inc. has released EasyApache 3.26.7 with Apache version 2.2.29. This release addresses vulnerabilities CVE-2014-0118, CVE-2014-0231, CVE-2014-0226 and CVE-2013-5704. It is recommended all Apache 2.2 users to upgrade to Apache version 2.2.29. AFFECTED VERSIONS All versions of Apache 2.2 before version 2.2.29. SECURITY RATING The National Vulnerability Database (NIST) has given the following severity ratings …

EasyApache 3.26.7 Released Read More »

WordPress Slider Revolution Plugin vulnerability

Slider Revolution Plugin is a premium WordPress plugin used by many premium themes. This plugin is bundle with premium WordPress themes. Back in February 2014, there was a critical vulnerability discovered in this plugin. This was patched by the developers however it is possible that themes were not updated to use the latest version and …

WordPress Slider Revolution Plugin vulnerability Read More »

cPanel TSR-2014-0007 Full Disclosure

cPanel TSR-2014-0007 Full Disclosure: cPanel has released a full disclosure for TSR-2014-0007. [1] Case 109049 Summary Arbitrary file overwrite in /scripts/synccpaddonswithsqlhost. Security Rating cPanel has assigned a Security Level of Important to this vulnerability. Description The synccpaddonswithsqlhost script performed unsafe file operations inside the home directories of unprivileged users while running with root’s permissions. By …

cPanel TSR-2014-0007 Full Disclosure Read More »

Bash Code Injection Vulnerability – Bash Security Update

Red Hat has been made aware of a vulnerability affecting all versions of the bash package as shipped with Red Hat products. This vulnerability CVE-2014-6271 could allow for arbitrary code execution. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue. A flaw was found in the …

Bash Code Injection Vulnerability – Bash Security Update Read More »