Another suggestion is to disable web command from Kloxo. Anyone who needs to execute SSH commands should use SSH, not Kloxo's interface in the first place. LxCenter Forum: Technical Help » Kloxo 6.1.12 Hack
P.S We at KnownSRV have mass-patched all Kloxo installations on our network a few hours after this exploit was released. If you are a KnownSRV client, you do NOT need to patch the above, it's already been done.
Oh well i take back what i said above first of all cuz i aint gay and i dont fuck men and the second thing is that it upgraded without any issue so oh well sorry about that :P
And people that upgrade button works :P
I can confirm 6.1.13 version fixed security flaws in question.
There is no known exploits for the newest version at this time. If you are paranoid you could keep Kloxo stopped and enable it only when you need it. Or keep Kloxo ports(7777 / 7778) whitelisted to your IP address / VPN only.
# service kloxo stop
# service kloxo start
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.