Removing UebiMiau

[mjk]

Hey All,

I would like to remove UebiMiau as an option in the DA interface. I have done the http.conf script alias mod, so its never going to get used. However, I would like it gone from DA as well.

Suggestions on how this is done?

 

[nobaloney]

You can delete the complete folder.

Jeff

 

[mjk]

Sure, which I have done. However, that does not remove the link from the DA interface. I want things too look nice and clean

 

[Samplex]

?

I want got the same problem.. it doesnt get removed from the DA page..

 

[Duboux]

Ah, you mean the link in the control panel..

You could edit the skin template, but best option would be to make DA notice it's not there anymore..
Don't ask me how..

 

[jlandes]

I believe in order to remove it from DA, you'd have to modify the skin. Another option is this. Hope this helps.

 

[robj]

So I've had DA for almost a month and I'm not exactly comfortable with shell access, but what would be the best way to uninstall UebiMiau?

I've created my own theme and login pages, so that's not much of a concern changing the interface links. What are the beginning steps?

Just remove the 'webmail' folder? What else?

Thanks

rob

 

[chatwizrd]

All I did was changed the Alias settings in httpd.conf

So /webmail points to squirrelmail instead.

 

[robj]

Where is the httpd.conf located?

After a search, I found 4 or 5 different .conf files. I modified the file found here:
/etc/httpd/conf/httpd.conf
by both modifing /webmail redirect and add this script to the end of that section:
Alias /webmail /var/www/html/squirrelmail/

Neither changed the actions taken after typing mydomain.com/webmail. I still get UebiMiau.

Any help?
-rob

 

[chatwizrd]

httpd.conf is in /etc/httpd/conf/httpd.conf

After you edit you must restart the webserver

Type:

service httpd restart

 

[robj]

Holy Quick Responce, Batman.

I'll try that now. Thanks

[Edit]
That's worked! And for all the shell weary users, you can restart the httpd from the DA admin panel located under Service Monitor.

rob

 

[MadHag]

Howto for removing UebiMiau.

So, could someone do a howto for removing this so it's not so confusing. Remove it entirely and cleanly I mean.

UebiMaiu is a security threat, it is apparently susceptible to multiple attacks because it fails to sanitize user input to the 'selected_theme' parameter of the 'error.php' script before using it as a template to generate dynamic HTML.

An unauthenticated attacker may be able to leverage this issue to disclose information about files or directories or to launch a cross-site script attack against the affected application.

http://archives.neohapsis.com/archives/fulldisclosure/2007-05/0511.html

I only found out because I installed a program called Nessus, it's pointing out a whole load of vulnerabilities to me.

http://www.nessus.org/nessus/

David