Idera Server Backup Manager (R1Soft) – Session Fixation Vulnerability

Idera Server Backup Manager is an affordable, high-performance, disk-to-disk backup software for Linux and Windows servers. (This software was previously more commonly known as R1Soft Backup.) Vulnerability Description: It is possible for a malicious user to clone an authenticated user/admin session, which could result in unauthorized access. Impact: The vulnerability was rated...

EasyApache 3.26.9 Released

EasyApache 3.26.9 was released with PHP versions 5.4.34 and 5.5.18 and libxml2 version 2.9.2. This release addresses vulnerabilities related to CVE-2014-3669, CVE-2014-3670, CVE-2014-3668, CVE-2014-3660, and CVE-2014-0191 by fixing bugs in the Core, Exif, and XMLRPC modules and in libxml2. It is strongly recommended that all PHP 5.4 users upgrade to PHP version 5.4.34 and...

cPanel TSR-2014-0007 Full Disclosure

cPanel has released a full disclosure for TSR-2014-0007. Case 109049. Summary: Arbitrary file overwrite in /scripts/synccpaddonswithsqlhost. Security Rating: cPanel has assigned a Security Level of Important to this vulnerability. Description: The synccpaddonswithsqlhost script performed unsafe file operations inside the home directories of unprivileged users while running with root’s permissions....

EasyApache 3.26.7 Released

cPanel, Inc. has released EasyApache 3.26.7 with Apache version 2.2.29. This release addresses vulnerabilities CVE-2014-0118, CVE-2014-0231, CVE-2014-0226 and CVE-2013-5704. It is recommended that all Apache 2.2 users upgrade to Apache version 2.2.29. Affected Versions: All versions of Apache 2.2 before version 2.2.29. Security Rating: The National Vulnerability Database (NIST) has given the following severity...
