En

cPanel官网安全更新(2021-11-08)

来源:cPanel官网 发布日期:2021-11-08 阅读次数:460 评论:0

基本信息

发布日期:2021-11-08(官方当地时间)

更新类型:安全更新

更新版本:94.0.17

感知时间:2021-11-18 10:37:58

风险等级:未知

情报贡献:TSRC

更新标题

Change Log for 94.0.17

更新详情

[security] Fixed case SEC-592: Arbitrary code execution via install_locallib_loginprofile script.[security] Fixed case SEC-593: Cpanel::SecureDownload executes shell commands in an insecure manner.[security] Fixed case SEC-597, SEC-598, SEC-599, SEC-608: Stored-XSS Vulnerability in ModSecurity Rules Interface.[security] Fixed case SEC-600: Reflected-XSS Vulnerability in ModSecurity Vendors Interface.[security] Fixed case SEC-602: Self-XSS Vulnerability in WHM Change Hostname interface.[security] Fixed case SEC-603: Self-stored XSS Vulnerability in WHM Edit Reseller Nameservers and Privileges interface.[security] Fixed case SEC-606: Passphrase submitted via GET request in scripts2/dogencrt.Fixed case CPANEL-30985: Run update gatherer from cron instead of upcp.Fixed case CPANEL-37479: Update dovecot to 2.3.13-2.cp1194.Fixed case CPANEL-38142: Update libspf to version 1.2.11: CVE-2021-20314.Fixed case CPANEL-38203: Fix for bugs preventing analytics UI from being enabled.Fixed case CPANEL-38203: Improvements to cPanel Analytics.Fixed case CPANEL-38648: Update the End User License Agreement and Pricing Agreement.Fixed case CPANEL-39075: Update cpanel-mailman to 2.1.35-1.cp1194.Fixed case CPANEL-39104: Update cpanel-php73 to 7.3.32-1.cp1194.

软件描述

cPanel 是一套在网页寄存业中最享负盛名的商业软件,是基于于 Linux 和 BSD 系统及以 PHP 开发且性质为闭源软件;提供了足够强大和相当完整的主机管理功能,诸如:Webmail 及多种电邮协议、网页化 FTP 管理、SSH 连线、数据库管理系统、DNS 管理等远端网页式主机管理软件功能。

CVE编号

TSRC分析

暂无

业界资讯

暂无

评论

提交评论 您输入的评论有误,请重新输入