--- ALERT: Open whole for hackers in CPanel ---
There is a whole in Cpanel that allows hacker to take FULL CONTROL over ANY account on your server.
More still to come, I'am checking this with few ISP's.
WHY DIDN'T ANYONE FROM CPANEL TOLD US ABOUT THIS ???
There is a BIG - HUGE security whole in Cpanel and no one didn't say anything about it ??
come on CPanel support where are you ??
I'am asking CPanel support I need to know is this bug fixed 100% in new CPanel 6, as stated "maybe" is not good for me, I need to know for A FACT is version 6 completey off this security risk ?
What hole would that be? There's no shortage of people who take delight in pointing out security issues with cPanel and then point to something else as being superior, despite the fact that there are holes to be found in everything. There are also indications in WHM news about issues that crop up with something in cPanel and their resolutions, even if they don't always check their spelling first:
"All traces of openwebmail have been elimiated as it has multiple secuirty issues."
"Fix a large secuirty hole in guestbook.cgi"
Much better than our old Alabanza days where we reported bugs and then waited...and waited...and waited....
Annette
Hosting Matters, Inc.
http://www.hostmatters.com
btw..it's spelt H-O-L-E.
lol would you mind tellings us all what this huge hole is then?Originally posted by iisnet
btw..it's spelt H-O-L-E.
I wonder if the whole "hole" security thing is about the HOT bug, common with so many systems. It's a known fact that it works on "any" operating system in any Country at any time of the day. The HOT bug has been around as long as there have been Computers, the possibility of eliminating it seems to be about NIL!
Hackers, Crackers, and Whackers have long known about the HOT bug and it seems only now, most IT depts. are cluing in to it.
Mwwwhahaha...
Be afraid, be very afraid.
Helping people Host, Create, and Maintain their Web Site
Also providing Server Admin Services - setup / troubleshooting
http://potentproducts.com/
Whoops... got you all excited and forgot to specifiy what the HOT bug is.
It's a Human On Telephone of course.
Helping people Host, Create, and Maintain their Web Site
Also providing Server Admin Services - setup / troubleshooting
http://potentproducts.com/
Originally posted by Website Rob
Whoops... got you all excited and forgot to specifiy what the HOT bug is.
It's a Human On Telephone of course.
Sweet!!! I like that one...
Regards,
David
Forum Moderator
This is a semi-old problem, A security group found the vuln and i was subscribed to it. I tested both holes. The guestbook vuln was true, and the openwebmail one was not. Openwebmail was still removed because it's not used. I informed nick of these the "hole" right away and he fixed them. I think he actually might have had the guestbook hole fixed before. anyway, upgrading to build 6.0.x fix's the problems.
Shaun Reitan
NDCHost.com - cPlicensing.net - ProVPS.com
Contact us for your cPanel Licensing needs! We Price Match, We provide Support, We take care of our customers!
Re: --- ALERT: Open whole for hackers in CPanel ---
Quit being a dumbass. Fixing it involved changing a couple of permissions...Originally posted by DianaL
There is a whole in Cpanel that allows hacker to take FULL CONTROL over ANY account on your server.
More still to come, I'am checking this with few ISP's.
WHY DIDN'T ANYONE FROM CPANEL TOLD US ABOUT THIS ???
There is a BIG - HUGE security whole in Cpanel and no one didn't say anything about it ??
come on CPanel support where are you ??
What is this hole you are talking about? Care to be a bit more specific?
Is it the guestbook which was already patched?
Inquiring minds would like to know
oh...nevermind..post edited
LinkBack URL
About LinkBacks
Reply With Quote