Search Engine: Elastic

Article ID: 2744, created on Oct 29, 2007, last review on Apr 18, 2012

  • Applies to:
  • Pro Control Panel Linux


View Knowledge
Knowledge ID 2058
Product : Ensim Pro for Linux
Version : 4.0.4
Topic : Hotfix

Hotfix : Security fix for exploit involving scheduled backup vulnerability

Addresses the issue "Security fix for exploit involving scheduled backup vulnerability"



Product: Ensim Pro for Linux
Version: 4.0.4 (Red Hat Enterprise Linux 4ES & CentOS4.1)
Date:  August 01,2005
Hotfix Description:  Addresses the issue:
Security fix for exploit involving scheduled backup vulnerability
Overview : Site admin can gain root privileges due to a vulnerability in the scheduled backup feature. This hotfix will prevent further exploits of this vulnerability.
Download :
(md5sum: d89fc9fd789258e2b376620eed43dcac )

For RHEL4:
(md5sum: a28490a14793c343256f1520e29cf3c1 )
(md5sum: b0f9722f65350e50fce05c3ff3fcbfe8 )

For CentOS4.1:
(md5sum: a28490a14793c343256f1520e29cf3c1 )
(md5sum: b0f9722f65350e50fce05c3ff3fcbfe8 )

Installation Procedure:

1) Backup /usr/lib/opcenter/base/services/vhbackup/vhbackup.pyc and /usr/lib/opcenter/vhbackup/vhbackup_be_interface
2) Download all the files for your respective OS and LWP version
3) Backup the scheduled jobs using,
cp -a /var/VhbackupSchedules /root/VhbackupSchedules_backup
4) Run the following command to check for issues of scheduled backup and fix it .
python secure.pyc
Please note this command does not return any messages to the console.
If any of your scheduled backups fail after running this command, you will need to manually reset the password for that job.
5) Replace existing vhbackup.pyc with the one downloaded from the above link
cp vhbackup.pyc /usr/lib/opcenter/base/services/vhbackup/vhbackup.pyc
6) Replace existing vhbackup_be_interface with the one downloaded from the above link
cp vhbackup_be_interface /usr/lib/opcenter/vhbackup/vhbackup_be_interface
7) Set permission on vhbackup.pyc to 600 and vhbackup_be_interface to 750
chmod 600 /usr/lib/opcenter/base/services/vhbackup/vhbackup.pyc
chmod 750 /usr/lib/opcenter/vhbackup/vhbackup_be_interface
8) Restart the control panel using,
service webppliance restart



Related Knowledge

Related Links
Last ModifiedUsageSatisfiedLast Used
9/19/2005 11:16:12 PM94 10/11/2007 2:45:45 AM

4cc899da08664637a8bc437308d3ddd7 3ccb419cf98083f3bb45808fba8dbc7c 6311ae17c1ee52b36e68aaf4ad066387

Email subscription for changes to this article
Save as PDF