FH-Dave
05-18-2003, 10:58 PM
Please refer to
http://forums.cpanel.net/showthread.php?s=&threadid=10112
FormMail-clone.cgi [was: Security spam hole in cgi-sys/formmail.pl re-write]
Please update to
EDGE 4
RELEASE 5
or
STABLE 6
as soon as possible to close a hole in FormMail-clone.cgi which will allow spammers to send out unwanted email.
If you do not wish to update you can install a patched binary from:
http://host.cpanel.net/~nick/FormMail-clone.bin
into
/usr/local/cpanel/cgi-sys/FormMail-clone.cgi
-rwxr-xr-x 4 root wheel 533384 May 18 17:51 formmail.cgi*
-rwxr-xr-x 4 root wheel 533384 May 18 17:51 FormMail.cgi*
-rwxr-xr-x 1 root wheel 533384 May 18 17:51 FormMail-clone.cgi*
-rwxr-xr-x 4 root wheel 533384 May 18 17:51 formmail.pl*
-rwxr-xr-x 4 root wheel 533384 May 18 17:51 FormMail.pl*
make sure to replace all formmail scripts
Note: Only users with WHM/CPanel installation inside their VPS or dedicated / colocated server are affected by this.
Virtual / shared hosting service using HSphere is not affected.
http://forums.cpanel.net/showthread.php?s=&threadid=10112
FormMail-clone.cgi [was: Security spam hole in cgi-sys/formmail.pl re-write]
Please update to
EDGE 4
RELEASE 5
or
STABLE 6
as soon as possible to close a hole in FormMail-clone.cgi which will allow spammers to send out unwanted email.
If you do not wish to update you can install a patched binary from:
http://host.cpanel.net/~nick/FormMail-clone.bin
into
/usr/local/cpanel/cgi-sys/FormMail-clone.cgi
-rwxr-xr-x 4 root wheel 533384 May 18 17:51 formmail.cgi*
-rwxr-xr-x 4 root wheel 533384 May 18 17:51 FormMail.cgi*
-rwxr-xr-x 1 root wheel 533384 May 18 17:51 FormMail-clone.cgi*
-rwxr-xr-x 4 root wheel 533384 May 18 17:51 formmail.pl*
-rwxr-xr-x 4 root wheel 533384 May 18 17:51 FormMail.pl*
make sure to replace all formmail scripts
Note: Only users with WHM/CPanel installation inside their VPS or dedicated / colocated server are affected by this.
Virtual / shared hosting service using HSphere is not affected.