Name Summary     Advisory.txt Advisory from someone. Note that there was no vendor notification like he claims. The guestbook.cgi is bad, the openwebmail thing was removed months before this advisory as it was only used for a couple of weeks until cpanel developers discovered that and many other security holes with it. Also cpanel removes setuid perl upon installation so this exploit could not have worked anyway. apacheconfclean quick n dirty hack to clean up the httpd.conf . this does take some aciton on your part after running. bwfix bandwidth fix (more like helper) for servers that ran cpanel beta 6 before release 21 bwfix-convert 2nd part of bwfix for users who ran cpanel beta 6 under release 21 bwfix2 No Info Available bwsum script to total all bandwidth used in /var/cpanel/bandwidth/username bwtotal small script to add up bandwidth usage from cpanel, needs editing for dates other than april 2004 clearnobody small script to delete the mails in Exim's queue belonging to the "nobody" user cpMon-BSD small script to be run as a background process to poll every 10 seconds and checks load and logs a lot of info if it is over a certain level. cpMon-Linux small script to be run as a background process to poll every 10 seconds and checks load and logs a lot of info if it is over a certain level. cpMon-Portreply monitor if a port/service is replying normally cpMon_Linux_process watches `ps uaxww` and checks to see if cpsrvd is running and log it if not create_own_webapps_dirs Dirty hack to create ~/webapps/WEB-INF/ directories so each user can install their own servlets and such. create_own_webapps_dirs_old No Info Available disablefileprotection in case you ran /scripts/enablefileprotection, this changes it back eximq cleans out exim queued mail if older than 4 days, cleans up rebel -H and -D files with no partner findmissingvfilterdoms finds out what domains are missing from /etc/vfilters/ that should exists. fixbw script to run in /var/cpanel/bandwidth/ to clear out old entries with bad data. fixcgialias For CPanel/WHM only servers, in case you have alot of accounts who are missing the /home in the ScriptAlias directive for the vhosts. must be run in /usr/local/apache/conf/ fixpasswdshadowdiff DIRTY hack to restore users if they have been lost in /etc/shadow but are in /etc/passwd fixtruncatedshadow script to replace users in /etc/shadow if /etc/passwd has more users ftpbw No Info Available gethttpbw script used to see how much traffic a domain has done via apache by looking through the domlog. can also search and tally only dates matching a certain string. httpftpbw calculates http and ftp bandwidth. not 100% accurate. makenew_cpanel.pem this creates a new cpanel.pem just like the one that comes with a default install md5sum-bsd perl script that wraps freebsd's /sbin/md5 and formats it to linux's md5sum format. name the script /sbin/md5sum and chmod 755 it. used for copying accounts from linux to freebsd when whm can't find /sbin/md5 for some reason. pthreadstest.c simple test to see if pthreads work on the box, it will segfault shortly after startup if it's not working compile with "gcc pthreadstest.c -o ptest -lpthread" rebuildlocaldomains script to read /var/cpanel/users/* and rebuild /etc/localdomains restoreemailuserpasswd script to rebuild /home/USER/etc/mail/DOMAIN/passwd files if blanked from populated /home/USER/etc/mail/DOMAIN/shadow files restoreipsalises Only for use on CPanel (cpanel.net) enabled servers, and only when /etc/ips has been rm'd . Almost no one will ever use this. rhist 10.14.2003 - run this to get back last 12 months of stats if /scripts/fixwebalizer was run rhist2 No Info Available rhist3 No Info Available rmsemaphores quick script to delete all semaphores from memory verifyusers script to see who in /var/cpanel/users/ is actually a valid user and should be reported as such to WHM/CPanel whoowns No Info Available zonefileformat a very scary and ugly script to format the zones in /var/named/ to a cpanel friendly format. i do not suggest using this. ever.