Security Notification: BIND DoS Vulnerability, Update Plesk 9.5 & 10 Windows

BIND has announced a vulnerability that can result in a denial of service (server crash) caused by receipt of a specific remote dynamic update message.

Please be aware that this vulnerability affects all servers that have BIND 9.7.1 or 9.7.2 installed. Parallels Plesk Panel 9.5 for Windows and Parallels Plesk Panel 10 for Windows ship with this version of BIND, and these servers should be upgraded to BIND 9.7.3 immediately.

When an authoritative server processes a successful IXFR transfer or a dynamic update, there is a small window of time during which the IXFR/update coupled with a query may cause a deadlock to occur. This deadlock will cause the server to stop processing all requests. A high query rate and/or a high update rate will increase the probability of this condition.

How to upgrade BIND on Plesk Windows: http://kb.parallels.com/5542

Parallels will be providing upgraded versions as a patch and then again in the next major release.

Please remember to review all of your deployment policies as they relate to all servers with these versions of BIND.

This notification is made pursuant to our development policy of notifying users when critical security issues arise and making fixes available as soon as possible. Please ensure that this patch is applied as soon as possible.


Brief Network Outage

Our Phoenix facility experienced a brief network interruption affecting a limited portion of our network. The outage was caused upstream and has now been resolved by our upstream provider. Further details will be posted here on this notice as they become available.

We apologize for any inconvenience this has caused you.

Security Notification: Parallels Plesk Panel 10.0.1

Parallels has issued a security hotfix to Parallels Plesk Panel 10.0.1 through the Micro-Updates system.

It is referenced as MU#2 – Plesk admin password changing.

The Micro-Update delivers a fix for a vulnerability that could allow authorized Plesk users to change the Plesk ‘admin’ password and thereby compromise the Control Panel.

For instructions on implementing Micro-updates, please refer to:

http://kb.parallels.com/en/9294 – Using Micro-Updates in Parallels Plesk Panel 9.x, 10.x and Parallels Small Business Panel.

For instructions on upgrading from the panel, please refer to the Administrator Manual at:

http://download1.parallels.com/Plesk/PP10/10.0.1/Doc/en-US/online/plesk-administrator-guide/index.htm?fileName=59215.htm

This notification is made pursuant to our development policy of notifying users when critical security issues arise and making fixes available as soon as possible. Please ensure that this patch is applied as soon as possible.

Moving to our new office!

Today, the 29th of November 2010, Codero is relocating to our new corporate headquarters in Lenexa, KS! Throughout the day you may encounter intermittent issues reaching support via the front-line support phone queues while we move equipment between locations. In the meantime, support is running out of our new NOC, located in our state-of-the-art data center in Phoenix, Arizona. We anticipate normal phone support to be available at approximately 8pm CST and apologize in advance for any inconvenience.

Our New Address is:

8735 Rosehill Road
Suite 400
Lenexa, KS 66215-4610

In the meantime, please contact us via:
Live Chat – http://codero.com/chat/
Support Ticket – http://serverportal.com/

ProFTPD – Security Notice

Important Plesk Notification:
ProFTPD Remote Code Execution Vulnerability and Exploit

A flaw in the popular ProFTPD FTP server potentially allows unauthenticated attackers to compromise a server. The problem is caused by a buffer overflow in the pr_netio_telnet_gets() function for evaluating TELNET IAC sequences.

ProFTPD bug report: http://bugs.proftpd.org/show_bug.cgi?id=3521

Parallels Plesk Panel 9.x, 9.5x and 10 are affected by this vulnerability. Parallels will issue Micro-Updates (hotfixes) for 9.5.2 and 9.5.3 no later than 12:00 GMT (noon) on Thursday November 11 (7:00am EST in the US) to fix this. The patch for Parallels Plesk Panel 10.01 will be released at 17:00 GMT on Thursday November 11 (12:00pm EST in the US). Patches for Plesk 9.0, 9.22 and 9.3 will be posted by 12 noon GMT on Friday November 12 (7am EST in the US). Further updates from Parallels will follow.

MORE INFORMATION:

Updating to ProFTPD version 1.3.3c or disabling FTP services is the only current solution to this vulnerability.

ProFTPD is capable of processing TELNET IAC sequences on port 21; the sequences enable or disable certain options not supported by the Telnet or FTP protocol itself. The buffer overflow allows attackers to write arbitrary code to the application’s stack and launch it. Updating to version 1.3.3c of ProFTPD solves the problem.

The update also fixes a directory traversal vulnerability which can only be exploited if the “mod_site_misc” module is loaded. This flaw could allow attackers with write privileges to leave their permitted path and delete directories or create symbolic links outside of the path. The module is not loaded or compiled by default.

A remote root exploit is available: [Full-disclosure] ProFTPD IAC Remote Root Exploit

A ProFTPD update for Plesk has been provided by Atomic Rocket Turtle. To apply the update, execute the command below.

rpm -Uvh http://yum.managed.codero.com/centos-5/release/$(uname -i)/psa-proftpd-1.3.3c-2.codero.$(uname -i).rpm

Please review http://www.parallels.com/products/plesk/ProFTPD for updates to this security issue.
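After applying the rpm above, the check a practitioner wants is whether the running ProFTPD is actually 1.3.3c or newer. The following is an added example, not part of the Codero or Parallels notice; it assumes `proftpd -v` prints a first line of the form "ProFTPD Version 1.3.3c" and handles ProFTPD's release-letter suffix (1.3.3b is still vulnerable, 1.3.3c is fixed), which a plain numeric comparison gets wrong.

```shell
#!/bin/sh
# Added example, not part of the Codero/Parallels notice: verify after the
# rpm update that the installed ProFTPD is 1.3.3c or newer, i.e. carries the
# pr_netio_telnet_gets() fix. Assumes `proftpd -v` prints a first line of the
# form "ProFTPD Version 1.3.3c" (release-letter scheme: 1.3.3, 1.3.3a, 1.3.3b,
# 1.3.3c, ...); rc/pre-release suffixes are not handled.

# proftpd_fixed "ProFTPD Version X" -> exit 0 if X >= 1.3.3c, 1 otherwise.
proftpd_fixed() {
    v=$(printf '%s\n' "$1" | sed -n 's/^ProFTPD Version \([0-9][0-9.]*[a-z]*\).*/\1/p')
    [ -n "$v" ] || return 1          # unrecognised banner: treat as not fixed
    num=${v%%[a-z]*}                 # numeric part, e.g. 1.3.3
    suf=${v#"$num"}                  # release letter, e.g. c (empty for 1.3.3)
    oldifs=$IFS; IFS=.; set -- $num; IFS=$oldifs
    a=${1:-0}; b=${2:-0}; c=${3:-0}
    # Any release line newer than 1.3.3 already carries the fix.
    [ "$a" -gt 1 ] && return 0
    [ "$a" -eq 1 ] && [ "$b" -gt 3 ] && return 0
    [ "$a" -eq 1 ] && [ "$b" -eq 3 ] && [ "$c" -gt 3 ] && return 0
    # Older lines (1.3.2x, 1.2.x) are not fixed; 1.3.3 itself needs letter >= c.
    [ "$a" -eq 1 ] && [ "$b" -eq 3 ] && [ "$c" -eq 3 ] || return 1
    [ "$suf" = c ] && return 0
    expr "$suf" \> c >/dev/null
}

# check_host: run the check against the local binary and print a verdict.
check_host() {
    banner=$(proftpd -v 2>/dev/null | head -n 1)
    if proftpd_fixed "$banner"; then
        echo "OK: '$banner' is 1.3.3c or newer"
    else
        echo "ACTION NEEDED: '$banner' predates 1.3.3c; update or disable FTP"
        return 1
    fi
}

# Stand-alone use: `sh proftpd_check.sh --live` queries the installed proftpd.
if [ "${1:-}" = "--live" ]; then check_host; fi
```

The exit status of check_host makes it usable from a fleet-wide loop or a monitoring job to flag hosts that still need the update.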

877.999.2750

We are currently experiencing issues with our toll free number, 877.999.2750.  System administrators are working to resolve this issue.  We apologize for any inconvenience this may cause in trying to contact us.

In the meantime, please contact us via:
Live Chat – http://codero.com/chat/
Phone – 913.890.8250

Important: Windows Server Vulnerability

Microsoft has released instructions for patching an ASP.NET vulnerability on Windows servers. All Windows customers should visit the Codero Knowledge Base Article below for information on patching your server.

Knowledge Base Article on ASP.NET Vulnerability

Please note that if you have a managed services plan on your server, Codero has already patched your server.  If you are interested in Codero maintaining the security of your server, please contact your Account Executive today and discuss adding managed services.

If you do not have managed services, please be sure to keep your server secure by applying all patches in a timely manner.  Failure to do so could result in your server becoming compromised and loss of data.  Should your server become compromised, Codero may deem it necessary to restrict access to your server to prevent other servers on our network from becoming infected.  In many cases, compromised servers require a complete reinstall, which is not included with your server plan, and may result in loss of data.

If you have any questions about this vulnerability, please submit a ticket via ServerPortal.com.

ServerPortal.com Issue

We are currently experiencing issues with ServerPortal.com. System administrators are working to resolve this issue. We apologize for any inconvenience this may cause.

Updates

  • Codero NOC says:

    This incident is also affecting our staff from utilizing our Operational Support Systems. As such, we are currently unable to pull up account details if you are contacting us for assistance.

    We expect quick resolution to this issue.

  • Codero NOC says:

    ServerPortal.com and our Operational Support Systems are back in operation.

Maintenance Window: April 30, 2010

A maintenance window affecting a small number of clients in the San Diego Data Center begins tonight at 10:00 pm CDT (03:00 AM GMT 5/1/2010).

Details of the maintenance window were e-mailed to affected customers, and can also be viewed in ServerPortal.com.  If you log into ServerPortal.com and do not see a notification, then you are not affected.

Start:  4/30/2010 22:00 CDT (03:00 GMT 5/1/2010)
End:  5/1/2010 22:00 CDT (03:00 GMT 5/2/2010)

UPDATE: As of 8:30 AM CDT, 80% of the servers involved in the maintenance window are back on-line.

UPDATE: As of 10:55 AM CDT, 97% of the servers involved in the maintenance window are back on-line.
