Security 10799 Published by

A critical vulnerability has been discovered in the Backup/Restore manager of ispCP



Today another critical security issue has been found. All ispCP Omega versions are effected.
It is possible to use the ispCP Client Backup Manager to restore forged backups and - in worst case - gain control over the server system.

We strongly recommend to fix the described security issue by disabling the backup restore routine. For this open the ispcp-dmn-mngr in /var/www/ispcp/engine/ and search for

Code:
sub dmn_restore_data {

add
Code:
exit 1;

directly in the next line.

We try to deliver a patch as fast as possible. You can follow the status in ticket: 2440
Read more

Additionally, the phpMyAdmin version that ships with ispCP Omega 1.0.6 have several serious XSS vulnerabilities. To upgrade to the latest version of phpMyAdmin:

cp /var/www/ispcp/gui/tools/pma/config.inc.php ~/
aptitude update && aptitude install subversion -R
svn export http://isp-control.net:800/ispcp_svn/trunk/gui/tools/pma /var/www/ispcp/gui/tools/pma
cp ~/config.inc.php /var/www/ispcp/gui/tools/pma/
sh /var/www/ispcp/engine/setup/set-gui-permissions.sh
Read more