rss: https://blog.zimbra.com/yeeP6rai wrote:Is there way to know about new patches (via rss, maillist, zabbix web page monitor, etc) for specific zimbra version?
Search found 212 matches
- Tue Apr 09, 2019 9:16 am
- Forum: Administrators
- Topic: CVE-2019-9670 being actively exploited (Hacked Server)
- Replies: 248
- Views: 631567
Re: CVE-2019-9670 being actively exploited
- Fri Apr 05, 2019 4:04 pm
- Forum: Administrators
- Topic: fail2ban setting 8.8.9 / Ubuntu 16.04
- Replies: 2
- Views: 2655
Re: fail2ban setting 8.8.9 / Ubuntu 16.04
Follow this blog post: https://www.missioncriticalemail.com/2018/10/19/using-zimbras-dosfilter-and-failed-login-lockout-policy-together/ That, together with the postfix, postfix-auth, and postfix-sasl jalls that come with fail2ban, is all I use. Lance this is very useful, thank to the precious work...
- Fri Apr 05, 2019 9:01 am
- Forum: Installation and Upgrade
- Topic: Installing Zimbra 8.8.12_GA_3794 on Ubuntu 18.04
- Replies: 33
- Views: 59171
Re: Installing Zimbra 8.8.12_GA_3794 on Ubuntu 18.04
unfortunately they forgot to add the beta badge to the download page. If you can add this note to the ticket it can help others.axslingr wrote:They're indicating that 18.04 support is still in beta though!
- Thu Apr 04, 2019 1:37 pm
- Forum: Administrators
- Topic: CVE-2019-9670 being actively exploited (Hacked Server)
- Replies: 248
- Views: 631567
Re: CVE-2019-9670 being actively exploited
There's an ongoing discussion on IRC. Some are investigating further, because other than creating and deleting temporary account some found evidence of deleted production accounts and compromised java files.
More updates will follow
More updates will follow
- Thu Apr 04, 2019 1:03 pm
- Forum: Administrators
- Topic: CVE-2019-9670 being actively exploited (Hacked Server)
- Replies: 248
- Views: 631567
Re: CVE-2019-9670 being actively exploited
Virustotal detects zmcat as a Bitcon miner.
The tmp.txt is not uploaded but downloaded: it's the JSP they use to run commands.
The tmp.txt is not uploaded but downloaded: it's the JSP they use to run commands.
- Thu Apr 04, 2019 10:07 am
- Forum: Administrators
- Topic: CVE-2019-9670 being actively exploited (Hacked Server)
- Replies: 248
- Views: 631567
Re: CVE-2019-9670 being actively exploited
Hostsailor replied me they blocked the host currently distributing zmcat!
- Thu Apr 04, 2019 7:33 am
- Forum: Administrators
- Topic: CVE-2019-9670 being actively exploited (Hacked Server)
- Replies: 248
- Views: 631567
Re: CVE-2019-9670 being actively exploited
I haven't had the chance to test with modsecurity. Will give a look, thanks.
I wrote some guidelines on the behaviour of the attack and how to clean zmcat.
In short:
patch
kill running processes for l.sh and s.sh and zmcat
remove scripts and zmcat
remove uploaded jsps
I wrote some guidelines on the behaviour of the attack and how to clean zmcat.
In short:
patch
kill running processes for l.sh and s.sh and zmcat
remove scripts and zmcat
remove uploaded jsps
- Wed Apr 03, 2019 2:32 pm
- Forum: Administrators
- Topic: CVE-2019-9670 being actively exploited (Hacked Server)
- Replies: 248
- Views: 631567
CVE-2019-9670 being actively exploited (Hacked Server)
As many repoted on IRC, the latest security bug found in Zimbra is being actively exploited in the wild. It's easy to find a compromised install because the exploit campaign creates /tmp/zmcat binary on the system. It also downloads two .sh files used to fetch the binary from 185[.]106.120.118. This...
- Wed Apr 03, 2019 1:35 pm
- Forum: Installation and Upgrade
- Topic: Zimbra for Ubuntu 18.04 ?
- Replies: 30
- Views: 43595
Re: Zimbra for Ubuntu 18.04 ?
thanks for the feedback! did you file bugs to bugzilla or open support request?NetRaider wrote:I tried. I made new installation on Ubuntu with all updates and upgrades. But got logger configuration error during installation process. And broken monitoring section in administration console.
- Wed Apr 03, 2019 12:49 pm
- Forum: Installation and Upgrade
- Topic: Zimbra for Ubuntu 18.04 ?
- Replies: 30
- Views: 43595
Re: Zimbra for Ubuntu 18.04 ?
8.8.12 released few days ago has Ubuntu18 support.
anyone had the chance to give it a try?
anyone had the chance to give it a try?