WHMCS 5.3.9 released

WHMCS has announced the availability of WHMCS 5.3.9. WHMCS 5.3.9 addresses a few security issues reported through their security bounty program or discovered internally by the WHMCS Development Team. WHMCS has rated these updates as having a moderate to important security impact. They have not yet released more details on the security updates. Once the sufficient […]

EasyApache 3.26.6 Released

cPanel, Inc. has released EasyApache 3.26.6 with PHP versions 5.4.32 and 5.5.16. This release addresses vulnerabilities CVE-2014-3538, CVE-2014-3587, CVE-2014-2497, CVE-2014-5120, CVE-2014-3597, CVE-2014-4670 and CVE-2014-4698. It is recommended that all PHP 5.4 users upgrade to PHP version 5.4.32 and all PHP 5.5 users upgrade to PHP version 5.5.16. AFFECTED VERSIONS All versions of PHP 5.4 […]

Critical Vulnerability Disclosed on WordPress Custom Contact Forms Plugin

If you are using the WordPress Custom Contact Forms plugin, you need to update it immediately. A critical vulnerability existed in the WordPress Custom Contact Forms plugin that allows an attacker to download and modify your database remotely (no authentication required). Who’s affected? The plugin has been downloaded 600,000+ times and the vulnerability affects […]

Virtualizor 2.5.2 Released – Security update

Virtualizor supports OpenVZ, Xen, XenServer and Linux-KVM on CentOS and Ubuntu, and they can all be managed from the Master. The Virtualizor Team has released Virtualizor 2.5.2. This version has many bug fixes and some critical bug fixes. 1) [Critical Bug Fix] These are critical bug fixes and we recommend all users to upgrade immediately. […]

EasyApache 3.26.5 Released

cPanel, Inc. has released EasyApache 3.26.5 with PHP version 5.3.29 and a patch to libxml2. This release addresses libxml2 vulnerability CVE-2014-0191 and PHP vulnerabilities CVE-2014-3981, CVE-2014-3515, CVE-2013-6712, CVE-2014-0207, CVE-2014-0238, CVE-2014-0237, and CVE-2014-4049 by fixing bugs in PHP’s core and PHP’s Network, Fileinfo and DateInterval modules. It is recommended to upgrade your PHP 5.3 version to […]

EasyApache 3.26.2 Released

cPanel, Inc. had released EasyApache 3.26.2. EasyApache 3.26.2 addressed a few security issues. EasyApache 3.26.2 was released with Apache version 2.4.10. This release addresses Apache vulnerabilities CVE-2014-0117, CVE-2014-0226, CVE-2014-0118, and CVE-2014-0231 by fixing bugs in the mod_proxy, mod_deflate, and mod_cgid modules. It is recommended that all Apache 2.4 users upgrade to Apache version 2.4.10. AFFECTED […]

CloudLinux ptrace security update – CVE-2014-4699

Recently a vulnerability was discovered in the 2.6 branch. The vulnerability was related to local privilege escalation. CloudLinux has just released an update to address a local privilege escalation with ptrace, and it is recommended that you update as soon as possible. How to upgrade: To update CL6 servers: $ yum install kernel-2.6.32-531.17.1.lve1.2.60.el6 To […]

KernelCare ptrace security update – CVE-2014-4699

KernelCare is a product of CloudLinux which provides kernel upgrades without rebooting your server. KernelCare has released an update to address a local privilege escalation (CVE-2014-4699). CentOS 6, RHEL 6, CL 6 & OpenVZ can now be patched against CVE-2014-4699. The patched kernels are yet to be available from the vendors. […]

WordPress TimThumb Vulnerability – WebShot Remote Code Execution (0-day)

TimThumb is a small PHP script for cropping, zooming and resizing web images (jpg, png, gif). It is widely used by many WordPress theme providers to crop, zoom and resize images. There was a zero-day exploit in WordPress TimThumb 2.8.13 which allowed remote code execution. The vulnerability was present within the WebShots function […]