Search found 124 matches

by maxxer
Tue Aug 06, 2019 8:55 am
Forum: Administrators
Topic: CVE-2019-9670 being actively exploited
Replies: 239
Views: 122196

Re: CVE-2019-9670 being actively exploited

Paulo Henrique wrote:i am Searching for solution for this problem, but not located.


please read the thread and the provided links more carefully.

anyway the best way to recover is (in short) to install a fresh new system and migrate data using zextras
by maxxer
Fri Aug 02, 2019 2:06 pm
Forum: Administrators
Topic: Letsencrypt: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed
Replies: 1
Views: 447

Re: Letsencrypt: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building fail

Ended up being a Powerstore backend problem, not zimbra one. We had configured an OVH (Swift compatible) storage, and the cert error given was against ovh's endpoint!! I followed this guide for saving the certificate of the ovh backend, then imported with the following: /opt/zimbra/java/bin/keytool ...
by maxxer
Fri Aug 02, 2019 12:50 pm
Forum: Administrators
Topic: Letsencrypt: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed
Replies: 1
Views: 447

Letsencrypt: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed

Hi. Zimbra 8.6.0_GA_1153.RHEL7_64_20141215151110. When running certain activities (like zextras' HSM operations) I'm getting the following exception in mailboxd.log: Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.pro...
by maxxer
Mon Jul 15, 2019 12:12 pm
Forum: Administrators
Topic: CVE-2019-9670 being actively exploited
Replies: 239
Views: 122196

Re: CVE-2019-9670 being actively exploited

rickaotc wrote:Should we be concerned?


if you've updated zimbra components in the last 15d no. :) otherwise you should perhaps open the files and see what's inside, or compare them to a new installation of the same version of Zimbra
by maxxer
Mon Jul 15, 2019 6:36 am
Forum: Administrators
Topic: CVE-2019-9670 being actively exploited
Replies: 239
Views: 122196

Re: CVE-2019-9670 being actively exploited

find /opt/zimbra/jetty/ -name "*.jsp" -mtime -15 -ls find /opt/zimbra/jetty/ -name "*_jsp.java" -mtime -15 -ls find /opt/zimbra/jetty/ -name "*.class" -mtime -15 -ls these commands are indication of what could be performed. specifically they find the files modified in ...
by maxxer
Wed Jun 19, 2019 9:31 am
Forum: Users
Topic: Alternative to Affixa
Replies: 1
Views: 671

Alternative to Affixa

Hi.
Is there a modern alternative to Affixa?
Affixa is a very useful tool to attach files to a Zimbra email from desktop. A plus for this tool is that it can resize images before attaching them to the email.

Is there something comparable with nowadays tools?

thanks
by maxxer
Mon Jun 10, 2019 5:32 am
Forum: Administrators
Topic: CVE-2019-9670 being actively exploited
Replies: 239
Views: 122196

Re: CVE-2019-9670 being actively exploited

I have not been able to clean up, the hack has been coming back about every 12 hrs. I have ssh and 7071 blocked to public and always have. I've changed all my admin pws 3x. ssh, zimbra, and webmail admin. The hack script still comes back. I finally blocked the attacking IP but soon enough it will p...
by maxxer
Sun Jun 09, 2019 7:58 am
Forum: Administrators
Topic: CVE-2019-9670 being actively exploited
Replies: 239
Views: 122196

Re: CVE-2019-9670 being actively exploited

calandacomp wrote:if you are affected and have any questions - feel free to contact me

good to know there's still a chance to clean up the system :) thanks for sharing your cleanup steps!
by maxxer
Sun Jun 09, 2019 7:56 am
Forum: Administrators
Topic: CVE-2019-9670 being actively exploited
Replies: 239
Views: 122196

Re: CVE-2019-9670 being actively exploited

According to hack... there are files in /tmp directory .. if any one can help us about these files what kind of help you need? they're unlikely zimbra files, but without contents we cannot know. you should inspect them yourself, you can try moving them out to a location non accessible to zimbra use...
by maxxer
Thu May 30, 2019 6:48 am
Forum: Administrators
Topic: CVE-2019-9670 being actively exploited
Replies: 239
Views: 122196

Re: CVE-2019-9670 being actively exploited

Mike2000 wrote:Sorry for stupid questions, but i a'm not understand how to do it properly.
If i have ubuntu 16.04 - at first i should update it to 18.04 ?


you don't have to. you can install 8.8.12 on 16.04.

anyway 18.04 is still in beta, don't use it

Go to advanced search