RSS Feed
News
May
6
ntcpGo bug fix
Posted by Anthony N on 06 May 2016 03:49 AM

ntcpGo new version has been released with a bug fix


Read more »



Apr
21
ntPHPSelector version 3.0.1 has been released
Posted by Anthony N on 21 April 2016 09:32 AM

ntPHPSelector version 3.0.1 has been released with  a fix for "Missing ntPHPSelector Plugin" in cPanel. 


Read more »



Feb
19
ntPHPselector :: Released v3.0.0 Beta
Posted by Steve N on 19 February 2016 11:36 AM

The new version of ntPHPselector is ready for Centos 6 servers. It is not compatible with Centos 7 servers. If you are using Centos 6, you can update the plugin to the latest version using the following commands.

cd /usr/local/src
wget -N https://nixtree.com/download/free/ntphpselector_manage_beta.sh
sh ntphpselector_manage_beta.sh update

It will install the new version ( 5.6 ) and update the other version to the latest release. So make sure to run this in screen and it take time to complete, since it reuqire to recompile/update all the php versions installed in the server.

Our developers are working with the Centos 7 servers and will release it soon.

Features

[+] Added 5.6 support
[+] Skip the version causing recompile error and install the other versions

Ref : https://nixtree.com/blog/ntphpselector-released-v3-0-0-beta/


Read more »



Jul
10
Litespeed Security Update released
Posted by Edward N on 10 July 2015 02:57 AM
An update for LiteSpeed 4 & 5 was just released to address a security vulnerability within OpenSSL (CVE-2015-1793)
and it is recommended that you update as soon as possible.

These update version is not there is litespeed plugin interface in cpanel and have to do manually.
 
We have updated servers using litespeed with us.

You can update the version in cpanel servers using a single command

# /usr/local/lsws/admin/misc/lsup.sh -f -v 5.0.2

# /usr/local/lsws/admin/misc/lsup.sh -f -v 4.2.24

Please get this upgraded asap

Features and changes
=================
LSWS 5.0.2 7-9-2015 Feature improvements and bug fixes

Updated OpenSSL to 1.0.2d to address (CVE-2015-1793).
Improved HTTP/2 implemenation.
Improved mod_security engine to work better with OWASP core rule set.
Improved compatibility with Plesk 12 control panel.
Fixed a bug in Rewrite engine that may trigger 503 errors by cPanel autoconfig/autodiscover feature.

LSWS 4.2.24 7-9-2015 Feature improvements and bug fixes

Updated OpenSSL to 1.0.1p to address (CVE-2015-1793).
Improved mod_security engine to work better with OWASP core rule set.
Improved compatibility with Plesk 12 control panel.
Fixed a bug in Rewrite engine that may trigger 503 errors by cPanel autoconfig/autodiscover feature.
 

Read more »



Mar
5
FREAK: OpenSSL vulnerability (CVE-2015-0204)
Posted by Steve N on 05 March 2015 11:02 PM

In January 2015, Red Hat Product Security addressed the CVE-2015-0204 vulnerability in OpenSSL with this advisory: RHSA-2015-0066. The vulnerability was rated as
having a Moderate impact. This vulnerability is now being referred to as FREAK in the press.

Background Information

OpenSSL clients accepted EXPORT-grade (insecure) keys even when the client had not initially asked for them. This could be exploited using a man-in-the-middle attack,
which would intercept the client's initial request for a standard key and ask the server for an EXPORT-grade key. The client would then accept the weak key, allowing
the attacker to factor it and decrypt communication between the client and the server.

Impact

While the use of EXPORT-grade ciphers is disabled by default in OpenSSL shipped with the latest versions of Red Hat Enterprise Linux (6.6 and 7.0), it can be enabled
by applications that utilize the OpenSSL library. For this reason, the vulnerability is considered to affect all Red Hat Enterprise Linux 6 and 7 systems, including
the Server, Workstation, Desktop, and HPC Node variants, that have not installed the fixed version of OpenSSL packages.

The version of OpenSSL shipped with Red Hat Enterprise Linux 5 is also affected. As Red Hat Enterprise Linux 5 is now in the Production 3 phase of the support and
maintenance life cycle, during which only Critical security advisories are provided, this issue is currently not planned to be addressed in future updates.

Resolution

To eliminate the possibility of exploitation, install the updated OpenSSL packages that have been made available through this advisory: RHSA-2015-0066.

To install the updates, use the yum package manager as follows:

yum update

To only update the OpenSSL package and its dependencies, use:

yum update openssl


We have deployed updates to all servers which has ntServerGuard installed. Servers without ntServerGuard are being patched/updated manually.

You can check the freak vulnerability using the following link "http://www.nagios.com/freak-vulnerability-tester"

If you find your server still has this vulnerability, please feel free to contact our support ASAP.


Read more »



Jan
28
GHOST Vulnerability ( CVE-2015-0235 )
Posted by Steve N on 28 January 2015 11:47 PM

GHOST Vulnerability ( CVE-2015-0235 )

On 27 January 2015, a vulnerability in all versions of the GNU C library (glibc) was announced by Qualys. The issue was a buffer overflow during DNS hostname resolution. Disclosure of this issue was coordinated with the various operating system vendors and patches were made available by RedHat soon after the initial announcement went out.

Impact
According to Qualys, this vulnerability allows unauthenticated remote code execution in any daemons or services that perform hostname lookups using the vulnerable functions in the GNU C library. This library is at the core of most services and software that runs on Linux systems

The updated RPMs provided by RedHat, CentOS and CloudLinux should contain a changelog entry with the CVE number. You can check for this changelog entry with the following command:


rpm -q --changelog glibc | grep CVE-2015-0235


Please read more about this at the following URLs.

https://documentation.cpanel.net/display/CKB/CVE-2015-0235+GHOST

http://www.openwall.com/lists/oss-security/2015/01/27/9
https://rhn.redhat.com/errata/RHSA-2015-0090.html
https://rhn.redhat.com/errata/RHSA-2015-0092.html
http://cloudlinux.com/blog/clnews/glibc-ghost-remote-vulnerability-cve20150235.php

We have deployed updates to all servers which has ntServerGuard installed. Servers without ntServerGaurd are being patched/updated manually.

If you find your server still has this vulnerability, please feel free to contact our support team ASAP.


Read more »