important (mod_phpsuexec)

**prof** · 01-22-2005 11:07 PM

Dears,

that mod_php is installed by default on cPanel installations making all cPanel default installations to be vulnerable. The flaws are outlined below:

When mod_php is enabled, all PHP scripts are executed as the same user as the web server, the "nobody" user. This allows all users to execute arbitrary code as a common user simply by creating a PHP script. This is the default behavior of cPanel installations

now, is there any ways or suggetions to fix this vulnerability ??

best ragards

ــــــــــــــــــــــــــــــــــ
Prof

**rs-freddo** · 01-23-2005 01:21 AM

buildapache with phpsuexec - it's in WHM.

**brentp** · 01-23-2005 01:34 AM

its not really a vulnerability just disable the system, exec, and those sort of functions in php.ini.

Regards,
Brent

LinkBack

Thread Tools

important (mod_phpsuexec)

urgent and very important

Important

!!very Important To All!!

very Very important

IMPORTANT!