Category: NewsZend FrameWork Security Vulnerability – Hot Fix Released

Share this post...Tweet about this on TwitterShare on Google+0Share on Facebook0

Recently, A security vulnerability was discovered in Zend FrameWork which poses a security threat.

Abstract

Zend has released an advisory that there is a serious security vulnerability in their FrameWork product, which InterWorx utilizes. The framework is used to provide XMLRPC access to the InterWorx API. Information regarding the vulnerability can be found in the security advisory at http://framework.zend.com/security/advisory/ZF2012-01.

Response

In response, we have released an emergency hotfix to patch our integration of Zend FrameWork. It is highly recommended all our hosts update their version of InterWorx as soon as possible. This can be done by running:

yum update interworx

from command-line. By default, InterWorx also checks for updates once a day and thus most InterWorx servers should be updated within 24 hours. We are not aware of any instances of this issue being exploited on InterWorx servers, but we take the security of our product and our client’s data extremely seriously. Thus, we pushed the patch live as soon as we were made aware of this issue.

Questions or Concerns

Please feel free to contact InterWorx support if you have any questions regarding this update.

Jul 5, 2012, 10:29 pmBy: InterWorx (0) Comments

Leave a Reply
Surround code blocks with <pre>code</pre>

Your email address will not be published.

Forum Posts

  • SSL Certificate Option December 5, 2016
    Hi, Question, I have 12 domain being hosted within my Interworx CP. Why would only some of them, whe […]
    hostpanda
  • Turing off catchall results in mailbox failure December 5, 2016
    Hi all, a custopmer wanted a catchall adress set up but now realized he gets way too much spam that […]
    mdeinhardt
  • Catchall December 5, 2016
    We have some clients who still like to use a catchall address even though we strongly discourage it […]
    Bertie