OVHcloud Bare Metal Cloud Status

Current status
Legend
  • Operational
  • Degraded performance
  • Partial Outage
  • Major Outage
  • Under maintenance
FS#9691 — Security flaw on PHP non updated
Incident Report for Bare Metal Cloud
Resolved
If you are using a non- updated version of PHP on your dedicated server, it is probably vulnerable to a security flaw , according to on how PHP was configured above .
This vulnerability may allow a hacker to execute an arbitrary code on your server. In other words , to be able to partially take control.

The security flaw is detailed here : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1823
The impacted versions are PHP version 5.3.12 and below ,and in 5.4 series, the versions below 5.4.2.

Distributions that OVH offers to those on which PHP is installed by default , are always installed with the latest version update packages offered. However, if you have installed an old distribution and you have never updated , your server could be affected .

We advise you to update it as soon as possible.

To help you , we offer you a script to clean your server from a known type of attacks that task advantage of this security flaw.
The script is available here: ftp://ftp.ovh.net/made-in-ovh/dedie/distribstuff/debian6-removephpmalware.sh
Be careful , this script restarts the Apache web server, we recommend you to read it before you start .
Posted Nov 14, 2013 - 02:58 UTC