How to start ldap whitout start MTA and mailbox CVE-2019-9670

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
Post Reply
TitusI
Posts: 30
Joined: Fri Apr 15, 2016 2:54 pm
ZCS/ZD Version: Release 8.7.11_GA_1854.RHEL7_64_201

How to start ldap whitout start MTA and mailbox CVE-2019-9670

Post by TitusI »

Hi,
our mail server was been exploited via CVE-2019-9670 (zmcat in /var/tmp/ and miner) , web interface not accessible it seems that some jsp are deleted :( ) admin interface is still working,
we have stopped all services to avoid further problem (data leaks).
We have started deploing a new mail server, we want to recreate all mailbox from all domain, but with ldap stopped we can't get the addresses.

There is a work around? Can we just start ldap and use zmprov?
If we give zmcontrol start ldap the server go on and start other services too.

Any suggestion is really appreciated.
Top
User avatar
fs.schmidt
Outstanding Member
Outstanding Member
Posts: 278
Joined: Sat Sep 13, 2014 3:37 am
Location: Brazil
Contact:
Contact fs.schmidt

Re: How to start ldap whitout start MTA and mailbox CVE-2019-9670

Post by fs.schmidt »

TitusI wrote:Hi,
our mail server was been exploited via CVE-2019-9670 (zmcat in /var/tmp/ and miner) , web interface not accessible it seems that some jsp are deleted :( ) admin interface is still working,
we have stopped all services to avoid further problem (data leaks).
We have started deploing a new mail server, we want to recreate all mailbox from all domain, but with ldap stopped we can't get the addresses.

There is a work around? Can we just start ldap and use zmprov?
If we give zmcontrol start ldap the server go on and start other services too.

Any suggestion is really appreciated.
Hello, you can start ldap with "ldap start" as zimbra user and you will be able to export the data from LDAP. If you need to export mailboxes data (email, appointments, etc...) you will have start the mailbox service with zmmailboxdctl start. If you don't want your Zimbra available on the internet, you cloud to block the access.
Top
TitusI
Posts: 30
Joined: Fri Apr 15, 2016 2:54 pm
ZCS/ZD Version: Release 8.7.11_GA_1854.RHEL7_64_201

Re: How to start ldap whitout start MTA and mailbox CVE-2019-9670

Post by TitusI »

fs.schmidt wrote:
TitusI wrote:Hi,
our mail server was been exploited via CVE-2019-9670 (zmcat in /var/tmp/ and miner) , web interface not accessible it seems that some jsp are deleted :( ) admin interface is still working,
we have stopped all services to avoid further problem (data leaks).
We have started deploing a new mail server, we want to recreate all mailbox from all domain, but with ldap stopped we can't get the addresses.

There is a work around? Can we just start ldap and use zmprov?
If we give zmcontrol start ldap the server go on and start other services too.

Any suggestion is really appreciated.
Hello, you can start ldap with "ldap start" as zimbra user and you will be able to export the data from LDAP. If you need to export mailboxes data (email, appointments, etc...) you will have start the mailbox service with zmmailboxdctl start. If you don't want your Zimbra available on the internet, you cloud to block the access.
thank you,
I've tried zmcontrol ldap start, I stopped it because I see it begin to start other services, I don't want the server go up again. (othervise mail reach the server and I want they go to the new server)


EDIT
Ok, ldap start semms to work :)
Top
Post Reply

Return to “Administrators”