Patches and Updates
H-Sphere Winbox Security Update 2 For H-Sphere 2.4.2 Patch 4 and 2.4.3 RC 1
06 May 2005
This document explains how to patch your H-Sphere Winbox for the following H-Sphere versions:
H-Sphere 2.4.2 Patch 4
H-Sphere 2.4.3 RC 1
Important: Security Update 2 is also required for those who have updated H-Sphere Windows boxes with
Security Update 1!
Security Update 2 fixes XSS vulnerability in the E-Guest preinstalled guest book.
Make sure your H-Sphere Windows module has version
2.4.2 Patch 4 or H-Sphere 2.4.3 RC 1.
Open the file [Disk]:\\HSphere\scripts\consts.inc and check the parameters. Note: If the version is older, update it to any of the mentioned versions.
In this case skip the following procedures as new updates to these versions
already include the fix.
Open SOAP port 10125 for data communication between Control Panel and Windows server.
Important: if you're using Serv-U FTP service, make sure to disable SOAP feature in the
on the Control Panel box. Currently, H-Sphere with Serv-U installed doesn't support SOAP.
Update your Webshell to version 4 if you have an older version.