S-283: cPanel XSRF Vulnerabilities

05-02-2008
S-283: cPanel XSRF Vulnerabilities

cPanel contains multiple cross-site request forgery (XSRF) vulnerabilities which may allow an attacker to execute arbitrary commands. The risk is MEDIUM. If successfully exploited, these vulnerabilities may allow an attacker to execute arbitrary commands.

ipsecesp(7P)                     Protocols                     ipsecesp(7P)

NAME
       ipsecesp, ESP - IPsec Encapsulating Security Payload

SYNOPSIS
       drv/ipsecesp

DESCRIPTION
       The ipsecesp module provides confidentiality, integrity, authentication, and partial sequence integrity (replay protection) to IP datagrams. The encapsulating security payload (ESP) encapsulates its data, enabling it to protect data that follows in the datagram. For TCP packets, ESP encapsulates the TCP header and its data only. If the packet is an IP in IP datagram, ESP protects the inner IP datagram. Per-socket policy allows "self-encapsulation" so ESP can encapsulate IP options when necessary. See ipsec(7P).

       Unlike the authentication header (AH), ESP allows multiple varieties of datagram protection. (Using a single datagram protection form can expose vulnerabilities.) For example, only ESP can be used to provide confidentiality. But protecting confidentiality alone exposes vulnerabilities to both replay attacks and cut-and-paste attacks. Similarly, if ESP protects only integrity and does not fully protect against eavesdropping, it may provide weaker protection than AH. See ipsecah(7P).

   ESP Device
       ESP is implemented as a module that is auto-pushed on top of IP. Use the /dev/ipsecesp entry to tune ESP with ndd(1M).

   Algorithms
       ESP uses encryption and authentication algorithms. Authentication algorithms include HMAC-MD5 and HMAC-SHA-1. Encryption algorithms include DES, Triple-DES, Blowfish and AES. Each authentication and encryption algorithm contains key size and key format properties. You can obtain a list of authentication and encryption algorithms and their properties by using the ipsecalgs(1M) command. You can also use the functions described in the getipsecalgbyname(3NSL) man page to retrieve the properties of algorithms. Because of export laws in the United States, not all encryption algorithms are available outside of the United States.

   Security Considerations
       ESP without authentication exposes vulnerabilities to cut-and-paste cryptographic attacks as well as eavesdropping attacks.

       Like AH, ESP is vulnerable to eavesdropping when used without confidentiality.

ATTRIBUTES
       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
       +-----------------------------+-----------------------------+
       | Availability                | SUNWcsr (32-bit)            |
       | Interface Stability         | Evolving                    |
       +-----------------------------+-----------------------------+

SEE ALSO
       ipsecalgs(1M), ipsecconf(1M), ndd(1M), attributes(5), getipsecalgbyname(3NSL), ip(7P), ipsec(7P), ipsecah(7P)

       Kent, S. and Atkinson, R. RFC 2406, IP Encapsulating Security Payload (ESP), The Internet Society, 1998.

SunOS 5.11                        18 May 2003                      ipsecesp(7P)
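The man page's two protections that a confidentiality-only ESP lacks, an authenticated ICV and the partial sequence integrity (anti-replay window) of RFC 2406, can be seen in a receiver that checks both before accepting a packet. The following is an added illustration, not code from the SunOS ipsecesp module; it assumes the payload is already encrypted, a constructed HMAC-SHA-1 key, a 96-bit truncated ICV, and a 64-packet window.

```python
import hmac
import hashlib
import struct

ICV_LEN = 12  # assumed: HMAC-SHA-1 output truncated to 96 bits, the usual ESP ICV size


def build_esp(spi, seq, ciphertext, auth_key):
    """Assemble SPI | sequence number | (already encrypted) payload+trailer | ICV."""
    hdr = struct.pack("!II", spi, seq)
    icv = hmac.new(auth_key, hdr + ciphertext, hashlib.sha1).digest()[:ICV_LEN]
    return hdr + ciphertext + icv


class ReplayWindow:
    """Sliding anti-replay window in the style of RFC 2406 (default 64 packets)."""

    def __init__(self, size=64):
        self.size = size
        self.top = 0      # highest sequence number accepted so far
        self.bitmap = 0   # bit i set means sequence number (top - i) was already seen

    def check_and_update(self, seq):
        if seq == 0:
            return False                      # sequence number 0 is never valid
        if seq > self.top:                    # advance the window to the right
            shift = seq - self.top
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.top = seq
            return True
        diff = self.top - seq
        if diff >= self.size:
            return False                      # older than the window: stale packet
        if (self.bitmap >> diff) & 1:
            return False                      # already seen inside the window: replay
        self.bitmap |= 1 << diff
        return True


def verify_esp(packet, auth_key, window):
    """Return (spi, seq, ciphertext) if the ICV and replay check pass, else None."""
    if len(packet) < 8 + ICV_LEN:
        return None
    hdr, body, icv = packet[:8], packet[8:-ICV_LEN], packet[-ICV_LEN:]
    expected = hmac.new(auth_key, hdr + body, hashlib.sha1).digest()[:ICV_LEN]
    if not hmac.compare_digest(icv, expected):
        return None                           # ICV mismatch: modified or wrong SA key
    spi, seq = struct.unpack("!II", hdr)
    # The window is only advanced once the ICV has been verified, so a forged
    # sequence number cannot push legitimate packets out of the window.
    if not window.check_and_update(seq):
        return None
    return spi, seq, body
```

Without the ICV, the modified-byte case below would decrypt to garbage and be accepted, which is the cut-and-paste exposure the man page warns about; without the window, the replayed packet would be accepted as well.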