
Thread: 7-1-09 security patch

  1. #21
    bonadio (Loyal Member)

    zimbra Forged Critical update email

    Hello

    Yesterday I received an email, supposedly coming from Zimbra, saying that all versions have a critical bug and asking to upgrade some software. The email looks very real, but the link to the download file is outside of zimbra and looks very suspicious.

    I am attaching the message that I received as a pdf

    The header follows:

    Received: from mx01.vm10.com.br (10.14.78.189) by w01.viewit.local
    (10.14.78.130) with Microsoft SMTP Server id 8.1.375.2; Wed, 1 Jul 2009
    21:28:44 -0300
    Received: from email1.atl.loopfuse.net (email1.atl.loopfuse.net [64.94.11.25])
    by mx01-int.vm10.com.br (Postfix) with ESMTP id CF77CD9B9C for
    <cesar.bonadio@viewit.com.br>; Wed, 1 Jul 2009 21:47:53 -0300 (BRT)
    Received: from proc1.atl.loopfuse.net (64.94.11.21) by email1.atl.loopfuse.net
    (PowerMTA(TM) v3.5r11) id h9fvsk0pb50n for <cesar.bonadio@viewit.com.br>;
    Wed, 1 Jul 2009 20:30:02 -0400 (envelope-from <bounce-notify@zimbra.com>)
    From: Zimbra Support <support@zimbra.com>
    Reply-To: support@zimbra.com
    To: cesar.bonadio@viewit.com.br
    Message-ID: <1068003273.1669941246494602460.JavaMail.jboss@proc1.atl.loopfuse.net>
    Subject: Zimbra Security Vulnerability Report
    MIME-Version: 1.0
    Content-Type: multipart/alternative;
    boundary="----=_Part_162736_520781612.1246494602459"
    LF_CID: LF_fe2186a1
    LF_VID: 4a1c8e87-b8b0-4ff2-be97-f441a0d7f083
    LF_KID: 28
    LF_EMAIL: cesar.bonadio@viewit.com.br
    Date: Wed, 1 Jul 2009 21:47:53 -0300
    Return-Path: bounce-notify@zimbra.com
    Attached Files
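
An added triage example (not part of the original post and not Zimbra code): it parses the headers quoted above, finds the host that handed the message to the recipient's own mail servers, and checks whether that host belongs to the From domain. The function names, the `own_domains` parameter and the placeholder recipient are assumptions; a mismatch with no authentication headers means the message cannot be verified from its headers, not that it is forged.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Trimmed copy of the headers in the post above; the recipient address is
# replaced by a placeholder (assumption) and header folding is restored.
RAW = """\
Received: from mx01.vm10.com.br (10.14.78.189) by w01.viewit.local
 (10.14.78.130) with Microsoft SMTP Server id 8.1.375.2; Wed, 1 Jul 2009
 21:28:44 -0300
Received: from email1.atl.loopfuse.net (email1.atl.loopfuse.net [64.94.11.25])
 by mx01-int.vm10.com.br (Postfix) with ESMTP id CF77CD9B9C for
 <user@example.invalid>; Wed, 1 Jul 2009 21:47:53 -0300 (BRT)
Received: from proc1.atl.loopfuse.net (64.94.11.21) by email1.atl.loopfuse.net
 (PowerMTA(TM) v3.5r11) id h9fvsk0pb50n for <user@example.invalid>;
 Wed, 1 Jul 2009 20:30:02 -0400 (envelope-from <bounce-notify@zimbra.com>)
From: Zimbra Support <support@zimbra.com>
Return-Path: bounce-notify@zimbra.com
"""
AUTH_HEADERS = ("Authentication-Results", "Received-SPF", "DKIM-Signature")

def domain_of(value):
    """Lower-cased domain of an address header, or '' if there is none."""
    addr = parseaddr(value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def aligned(host, domains):
    """True when host equals, or is a subdomain of, one of the domains."""
    return any(host == d or host.endswith("." + d) for d in domains)

def triage(raw, own_domains):
    msg = message_from_string(raw)
    from_dom = domain_of(msg["From"])
    handoff = None
    # Received headers are prepended: trust only hops written by our own MTAs.
    for value in msg.get_all("Received", []):
        m = re.match(r"from\s+(\S+).*?\bby\s+(\S+)", value, re.S)
        if not m or not aligned(m.group(2).lower(), own_domains):
            break  # below this point everything is sender-supplied
        if not aligned(m.group(1).lower(), own_domains):
            handoff = m.group(1).lower()  # first outside host seen by our MX
            break
    handoff_ok = handoff is not None and aligned(handoff, [from_dom])
    auth = [h for h in AUTH_HEADERS if msg[h] is not None]
    return {"from_domain": from_dom,
            "return_path_domain": domain_of(msg["Return-Path"]),
            "handoff_host": handoff, "handoff_matches_from": handoff_ok,
            "auth_headers": auth,
            "needs_out_of_band_check": not handoff_ok and not auth}
```

Called as `triage(RAW, ["vm10.com.br", "viewit.local"])`, it reports a `zimbra.com` sender handed off by a `loopfuse.net` host with no SPF or DKIM evidence in the headers, which is the ambiguity the poster ran into.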

  2. #22
    phoenix (Zimbra Consultant & Moderator)

    This is a genuine email from Zimbra, and apologies for the confusing link. Your post has been moderated until a formal announcement is made on the forums.
    Regards

    Bill

  3. #23
    jholder (Former Zimbran)

    This is a legitimate email, and due to the severity of the issue, we have not publicly announced it. We will do so later today.

    We notified NE customers via email to provide a 24 hour update window before the information is released to the public.

    Therefore, I have to hide this thread until we announce.

    Thanks,
    john

  4. #24
    Hubert (Member)

    Quote (originally posted by greenrenault):
        I received a Zimbra Security Vulnerability Report email today. Is this a hoax or for real? There is no mention of it in the forum announcements.

        If real, will this precipitate a new Zimbra release? I really hate 'patching' a system.

        Thanks!

    I would highly recommend patching ASAP rather than waiting for the next release (I discovered the vulnerability).

    You just have to replace 2 JAR files and do zmmailboxdctl stop/start (not necessary to restart all services if your version has zmmailboxdctl).

  5. #25
    LMStone (Moderator)

    Quote (originally posted by Hubert):
        I would highly recommend patching ASAP rather than waiting for the next release (I discovered the vulnerability).

        You just have to replace 2 JAR files and do zmmailboxdctl stop/start (not necessary to restart all services if your version has zmmailboxdctl).

    Hubert,

    As a Premiere Zimbra Hosting provider and erstwhile Forum Moderator I just want to say a very sincere and hearty "thank you!" publicly to you for discovering this, and for the very professional manner in which you and everyone else pursued a speedy and easy-to-implement solution.

    It is very, very much appreciated!

    Thanks again,
    Mark

    P.S. Has Zimbra offered you a job yet? (Only half joking here...)

  6. #26
    andrewfn (Intermediate Member)

    Patch instructions fail

    Thanks for the speedy patch. Unfortunately there is a line missing from the instructions. You need to:
    Code:
    mkdir /opt/zimbra/save-07012009
    or the mv will fail

  7. #27
    chauvetp (Elite Member)

    When was this e-mail notice sent? I am only seeing this on the forum and I (as a NE user) cannot find any record of receiving this notice.

  8. #28
    uxbod (Moderator)

    I would check with your account manager

  9. #29
    su_A_ve (Advanced Member)

    Quote (originally posted by andrewfn):
        Thanks for the speedy patch. Unfortunately there is a line missing from the instructions. You need to:
        Code:
        mkdir /opt/zimbra/save-07012009
        or the mv will fail

    Yup - beat me to it...

    Even on the announcement, it's missing...
