Bug Horde in Cpanel

[serverplan]

Several potential security issues have been identified with cPanel software and Horde, a 3rd party bundled application. cPanel releases prior to 11.18.4 and 11.22.2 are susceptible to security issues, which range in severity from trivial to medium-critical. Along with the discovery of these potential issues, cPanel has released a new security tool to provide users with protection from XSRF attacks.




Update Advisory
==============================
All STABLE and RELEASE users are strongly urged to update to their respective 11.18.5 release. CURRENT and EDGE users should update to the latest 11.22.3 release. No releases are deemed susceptible to severe, critical or root access vulnerabilities.




XSRF Protection
==============================
cPanel has also introduced a tool designed to protect against a category of attacks known as cross-site request forgery (XSRF). This tool will validate the browser referrer information against an approved list of domains.


The list of approved domains is automatically determined according to the system's configuration. Any blocked requests are presented to the end user for approval. This additional step will minimize disruption of workflow while protecting the user from an outside XSRF attack. This check will not prevent bookmarked links in modern browsers from working normally.


XSRF protection is not enabled by default. It is controlled via WHM's Tweak Settings under the Security heading. The protection may also be enabled manually by adding the following line to the end of /var/cpanel/cpanel.config:


referrersafety=1


and restarting cpsrvd by executing /usr/local/cpanel/startup.




Credits
================================
cPanel Security Auditing
Jeff Petersen ( Myriad Network )
Cassidy B. Larson ( InfoWest, Inc. )
Bugtraq ( http://www.securityfocus.com/archive/1/491230 )
Matteo Carli
Linux_Drox