oss-sec mailing list archives
More zPanel security flaws? Trying to sort them out
From: Kurt Seifried <kseifried () redhat com>
Date: Sat, 18 May 2013 22:59:54 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 So the head of the zPanel project "ballen" ("Bobby Allen" according to Google) reports: http://forums.zpanelcp.com/showthread.php?27608-ZPanelCP-Server-has-not-been-compromised ====== 4) Security issues raised The security issues mentioned in the following article (http://imgur.com/a/lzRuo) are already fixed, however we are a short way off being able to release the new version. All known security vulnerabilities have been announced on here with fixes and guides. ====== I'm unable to find this list or a dedicated security page (apart from a list of 4 security features at http://www.zpanelcp.com/about/features/#tab-1-3). Can you please send me that list with URLs and ideally source code commits so we can get CVE #'s assigned to the zPanel vulnerabilities? Alternatively if anyone in the community wants to do it that'd be great as well. Thanks in advance. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iQIcBAEBAgAGBQJRmFxKAAoJEBYNRVNeJnmTCwIP/0zXFzVNilB/y5tM95ngf0hl GcdEbxxbP0E9L+hm5jlm9ILkP84muTsgfhiT7eB5IBT/+MiMAkXMTKZ8bkkuzee8 FRuLKUMlon2jaGE7QJHeNyh6cjq/NK9HdAbEFm7c6l3IoBPYt3yCcO00VLm2x6sq y8xGdiAtu35qjhFwtjI4jXTsnLOOYql8ZW5ej/3h10beAIldRtZ79tSRm/68Br4F tn2Qn0qjMbBxAt60nNpQCHEMKk94InaA9ZnhxVQUxnmqtSqAqhEUPakC1/iuERm/ ctOE1jK5nlo7eEXH6yPWbVVcdcz9NhHnGsnmpXCGh+1pB8JP1mGbSMVMvUHQ81ri egGuar0SUWzQKc19ikI+jxkf80eNgX7XxZHeSnxsz0pG/TOJ5EIod0Y3ut3pV6ei yY8tc18iWjUNNIcp2ZlR+rHdFBZSApqVp/q/MeznfHIwKCzXSk2Mvnmk/kYDU+ml lqrMgxvXcQ6ff0DsTa2lLAqG46eOScARHzIs8Q+gwvtSq1o5n8MhKWwBM1XnjYhO nFywDzKwCqnx0kq5GTkmn5VEtRliRJ3aHjUI9mwa0E+ix3FyEXYSzAYnCv8JTYxd awQdvQ1sFTKio3FPiJPjjXgb3BBGW9JMBNWS+8rJiUGfv/OJnjbCo5Ap/EdKilDj s46AoBfJqq2H/1E4A3T8 =mKa/ -----END PGP SIGNATURE-----
Current thread:
- More zPanel security flaws? Trying to sort them out Kurt Seifried (May 18)