Major Exploit

**LS_Drew** · 09-23-2006 02:43 PM

I am hearing through a few very reliable channels that a serious exploit in Cpanel has been found. Does anyone from Cpanel have any idea how long it will take to formulate a patch to us?

**WireNine** · 09-23-2006 02:51 PM

http://www.webhostingtalk.com/showthread.php?t=549462

CPanel exploit? More information... this is a serious issue.

**donniesd** · 09-23-2006 03:11 PM

Anything from cpanel, on this problem.

**Infopro** · 09-23-2006 04:05 PM

By now we who have used cpanel for many years, wave to you on your way out.

**donniesd** · 09-23-2006 04:09 PM

Originally Posted by chris8lunch

Link is dead.. says invalid thread.

Here you go!

http://www.webhostingtalk.com/showthread.php?t=549291

**LS_Drew** · 09-23-2006 04:12 PM

http://www.webhostingtalk.com/showthread.php?t=549457

**chris8lunch** · 09-23-2006 04:14 PM

Link is dead.. says invalid thread.

**WireNine** · 09-23-2006 04:16 PM

Originally Posted by chris8lunch

Link is dead.. says invalid thread.

The thread was merged with several other threads
http://www.webhostingtalk.com/showthread.php?t=549291

**jamesbond** · 09-23-2006 04:17 PM

That's because the different threads about this topic have been merged into 1 thread

http://www.webhostingtalk.com/showthread.php?t=549291

**konrath** · 09-23-2006 04:23 PM

[QUOTE=r00t pAsSw0rd]By now we who have used cpanel for at least a year can say cpanel is the most pathetic panel of all time. Full of bugs, full of security issues.

Hello

Which the relation of bug VML exploit with cpanel? I do not understand

Thank you
Konrath

**mchase** · 09-23-2006 04:38 PM

[QUOTE=konrath]

Originally Posted by r00t pAsSw0rd

By now we who have used cpanel for at least a year can say cpanel is the most pathetic panel of all time. Full of bugs, full of security issues.

Hello

Which the relation of bug VML exploit with cpanel? I do not understand

Thank you
Konrath

They're speaking about the "CPanel exploit" that was used to plant the IE exploit onto the pages to begin with.

**techark** · 09-23-2006 04:42 PM

Originally Posted by r00t pAsSw0rd

By now we who have used cpanel for at least a year can say cpanel is the most pathetic panel of all time. Full of bugs, full of security issues.

If you look in the bugzilla, over 1700 open bug reports. What a shame.

I'm moving to another panel, preferrably interworx or plesk 8.

So long cpanel!

Byeeeeeeeee don't let the door hit ya.

**daveformerlyof** · 09-23-2006 04:47 PM

This has been confirmed and patched. Running /scripts/upcp will fix the vulnerability in all builds. Please note that this is a local exploit which requires access to a cPanel account.

Please send information such as this to security@cpanel.net to make us aware. The first communication we received was at 2:15pm CST. If you believe you have been exploited through this vulnerability, you are welcome to submit a support request for assistance. (https://tickets.cpanel.net/submit/in...eqtype=tickets)

Edit:updated support link

**konrath** · 09-23-2006 04:53 PM

[QUOTE=mchase]

Originally Posted by konrath

They're speaking about the "CPanel exploit" that was used to plant the IE exploit onto the pages to begin with.

Which version of the CPANEL is affected ?

Who knows?

Thank you
Konrath

**myusername** · 09-23-2006 04:59 PM

All of them.

Originally Posted by konrath

Which version of the CPANEL is affected ?

Who knows?

Thank you
Konrath

Originally Posted by davedark

This has been confirmed and patched. Running /scripts/upcp will fix the vulnerability in all builds.

LinkBack

Thread Tools

Major Exploit

all

Possible Exploit?

Major Major Problems

SSH exploit

ProFTP Exploit

proftpd exploit