Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In with OpenID
Advertise on LowEndTalk.com

In this Discussion

SolusVM Security Update (1.13.03)

SolusVM Security Update (1.13.03)

soluslabssoluslabs Member
edited November 2012 in General

FYI:

Released: 28 November 2012

This release fixes an XSS Vulnerability within the SolusVM user interface.

DESCRIPTION : XSS Vulnerability VULNERABLE SYSTEMS : SolusVM master v1.13.02 and below RESOLUTION : Update to SolusVM v1.13.03 SEVERITY : Low CHECKED BY : Phillip Bandelow SIGNED OFF BY : Jason Smith

http://docs.solusvm.com/release_versions_stable?&#section11303

Comments

  • erhwegesrgsrerhwegesrgsr Member
    edited November 2012

    @soluslabs

    Thanks for keeping us up to date on here

  • Thanks for the heads up, appreciated.

    OnePoundWebHostingUK XEN VPSPV & HVM
    UK Shared & Reseller HostingDomains - Nominet TAG HolderUK Ltd Company, Established 2006
  • Going to install this in UAT and see if there are any issues before rolling it out. Thanks @ soluslabs.

    Serving you the best VPS, Web hosting, dedicated servers and more - Cloud Shards | Query Foundry
    We operate the network AS62638 | Available in Syd AU and Dallas, Los Angeles and NYC USA
  • kbeeziekbeezie Member
    edited November 2012

    Know what would be nice? When you log into the solus admin panel, and it mentions the update on the dashboard... if there was some kind of link right there to pop up a changelog. Would not have even thought it was a security update unless I checked the website.

    :D updated

    EDIT: LOL! right after I posted this, I received the email from SolusLabs regarding the exploit.

    KBeezie - Insignificant little blog about Nginx, FreeBSD, fun stuff | PhoenixVPS - Managed Support Representative
  • @soluslabs Is this a fix for the problem that caused ChicagoVPS to lose 1000 containers? Or have they still not actually reported that to you?

  • @NickM said: Is this a fix for the problem that caused ChicagoVPS to lose 1000 containers? Or have they still not actually reported that to you?

    We can assume there was no issue.

    Serving you the best VPS, Web hosting, dedicated servers and more - Cloud Shards | Query Foundry We operate the network AS62638 | Available in Syd AU and Dallas, Los Angeles and NYC USA

  • @soluslabs any more info?

  • @NickM said: @soluslabs Is this a fix for the problem that caused ChicagoVPS to lose 1000 containers? Or have they still not actually reported that to you?

    No & No

    @Jack said: @soluslabs any more info?

    As in what?

  • @soluslabs what the actual exploit was?

  • @Jack said: @soluslabs what the actual exploit was?

    For all we know there is no exploit.

  • @gsrdgrdghd said: @Jack said: @soluslabs what the actual exploit was?

    I presume you mean the XSS? There is no more information.

  • @soluslabs said: I presume you mean the XSS? There is no more information.

    I assumed @Jack was refering to ChicagoVPS, not the XSS

  • @Jack @soluslabs

    No, Chris set the API to allow ANY remote IP and someone brute forced the API key that was intended for WHMCS and destroyed those servers

  • @BronzeByte said: No, Chris set the API to allow ANY remote IP and someone brute forced the API key that was intended for WHMCS and destroyed those servers

    @CVPS_Chris

    Serving you the best VPS, Web hosting, dedicated servers and more - Cloud Shards | Query Foundry
    We operate the network AS62638 | Available in Syd AU and Dallas, Los Angeles and NYC USA
  • @concerto49

    Why did you tag him?

  • @BronzeByte said: Why did you tag him?

    Because this whole thread kept mentioning him. He'll read it anyway.

    Serving you the best VPS, Web hosting, dedicated servers and more - Cloud Shards | Query Foundry
    We operate the network AS62638 | Available in Syd AU and Dallas, Los Angeles and NYC USA
  • @BronzeByte said: No, Chris set the API to allow ANY remote IP and someone brute forced the API key that was intended for WHMCS and destroyed those servers

    But solusvm only connect to allowed IPs? (/etc/xyz///....solusvm/..../allow.dat file)

    Cheap $9/Year Hosting(US/UK/Canada) - Cheap Windows VPS & Linux Xen VPS at low price. PreMadeKb.com WHMCS/Blesta KB - PP/BTC/etc
  • This thread has nothing to do with ChicagoVPS and is not related in any way.

  • erhwegesrgsrerhwegesrgsr Member
    edited November 2012

    @soluslabs said: This thread has nothing to do with ChicagoVPS and is not related in any way.

    I know, but others don't, people just don't seem to understand that ChicagoVPS was COMPROMISED and NOT exploited...

  • @DewlanceVPS said: But solusvm only connect to allowed IPs? (/etc/xyz///....solusvm/..../allow.dat file)

    We're talking about the remote API generally used to provision servers from WHMCS ;-)

  • Great keep up the good work Solus.

    Instant OpenVZ/Xen VPS in UK,DE,US,FR,CA,CH,NL,BG - PayPal, Skrill, Payza, BTC, WM, PM, STP, CashU, Ukash, paysafecard
Sign In or Register to comment.