New Solusvm Rlease - 1.14 Stable

Discussion in 'Industry News' started by MartinD, Sep 2, 2013.

  1. MartinD

    MartinD Retired Staff Retired Staff Verified Provider

    1,410
    1,278
    May 15, 2013
  2. Jack

    Jack Active Member

    579
    129
    May 15, 2013
    It's not actually released yet via the panel I guess you could update via CLI? (Not tried)
     
    Last edited by a moderator: Sep 2, 2013
  3. MartinD

    MartinD Retired Staff Retired Staff Verified Provider

    1,410
    1,278
    May 15, 2013
    Yes, you can update via the CLI only for now.
     
  4. concerto49

    concerto49 New Member Verified Provider

    960
    200
    May 5, 2013
    This is the better approach anyway. Gives you a chance to take backups and roll back.
     
  5. Francisco

    Francisco Company Lube Verified Provider

    2,476
    1,770
    May 15, 2013
    Who knew you weren't supposed to pass $_GET and $_POST to the command line on a SETUID root process?

    Francisco
     
  6. fisle

    fisle Active Member

    151
    71
    May 16, 2013
    This. It's horrifying when you realize how many people do things like these. Damn 12-year old coders.
     
  7. OnePoundWebHosting

    OnePoundWebHosting New Member Verified Provider

    27
    4
    May 16, 2013
    Update is now showing via the panel.
     
  8. Quexis

    Quexis New Member Verified Provider

    36
    5
    May 16, 2013
    Wow.
     
  9. peterw

    peterw New Member

    800
    189
    Jun 14, 2013
    Not WOW -> LOL. :mellow:
     
    Quexis likes this.
  10. drmike

    drmike 100% Tier-1 Gogent

    8,573
    2,717
    May 13, 2013
    Will be interesting to see who suddenly exposes Solus to the world again and what comes of it.

    Improvements made, due to audit...   

    Anyone know if the audit is going to see daylight and the firm who performed the audit?
     
  11. Jack

    Jack Active Member

    579
    129
    May 15, 2013
    Last edited by a moderator: Sep 2, 2013
  12. peterw

    peterw New Member

    800
    189
    Jun 14, 2013
  13. DearLeaderJohn

    DearLeaderJohn New Member

    60
    7
    May 17, 2013
    You would've thought they'd get it binded
     
  14. serverian

    serverian Well-Known Member Verified Provider

    503
    338
    May 16, 2013
    kaniini likes this.
  15. kaniini

    kaniini Beware the bunny-rabbit! Verified Provider

    497
    236
    Jun 18, 2013
    A quick test on my end shows that they are still using bare mysql_query()... which means that any sqli bugs are likely still wide open.
     
    Aldryic C'boas likes this.
  16. DamienSB

    DamienSB Active Member Verified Provider

    123
    26
    Mar 24, 2013
    This made me laugh - i had to post it.
     
    kaniini likes this.
  17. kaniini

    kaniini Beware the bunny-rabbit! Verified Provider

    497
    236
    Jun 18, 2013
    Better yet -- what are the contents of that documentation?
     
  18. kaniini

    kaniini Beware the bunny-rabbit! Verified Provider

    497
    236
    Jun 18, 2013
    Took a closer look at SolusVM 1.14.  Current findings are:

    Lots of potential SQLi's with $db->query() (their mysql_query(), essentially) involving lack of proper input validation.  Lots of SQL queries where it's like "SELECT * FROM database WHERE fooid > $value" -- $value needs to be first cast to int, and then validated.  Right now, SolusVM looks like this in a lot of places (code fragments are psuedocode illustrating the problem, not directly from SolusVM):


    $start = $_POST['start'];
    $res = $db->query("SELECT * FROM foolog WHERE id > $start");

    This should be more like:


    $start = (int) $_POST['start'];
    if ($start > 0) {
    $res = $db->query("SELECT * FROM foolog WHERE id > {$start}");
    } else {
    $res = null;
    }

    There are literally tons of these.  Man, if I were SolusVM I would be asking CNS Group for a refund.

    As far as I can tell, they haven't really fixed anything and have basically bandaged up some of the more rotten areas of the code that had public exploits flying around care of that localhost.re guy.  Oh, and the CSRF thing, but that's nothing compared to these validation errors.
     
    Last edited by a moderator: Sep 2, 2013
  19. Damian

    Damian New Member Verified Provider

    368
    199
    May 17, 2013
    Waited 2 months and it's still a trainwreck... but we all knew that was going to happen, amirite?

    drysoup.jpg
     
    Last edited by a moderator: Apr 30, 2017
  20. InertiaNetworks-John

    InertiaNetworks-John Inertia Networks, LLC Verified Provider

    182
    26
    May 23, 2013
    Just upgraded... let's hope this is good.