Security A Security hole has been discovered in the cPanel's suexec/mod_php handlers.

**Jedia** · 06-07-2004 09:49 PM

Security A Security hole has been discovered in the cPanel's suexec/mod_php handlers. To resolve the problem:
Update apache using easyapache, or the WHM's apache builder by clicking here.
Once apache is updated, you should then update to cPanel 9.4.0 or later by clicking here. (It is recommended that you update cPanel. The cPanel update is not required to resolve the security hole. Howver, it will provide a better security model to guard against future problems.)

* RELEASE and STABLE users should wait until Tuesday June 8th (or when this notice is removed) to upgrade cPanel.
** 9.4.0 Builds 1-5 have problems with email aliases. It is strongly recommended that you do not use these builds.

**techark** · 06-07-2004 10:51 PM

Don't update yet it breaks cpanel they say updating ot C10 will fix it but I am at C12 and all cpanel webmail etc url's are broke,.

**Choppy** · 06-07-2004 11:38 PM

Are you sure its working i just finished upgrading.. But only allow it to upgrade to stable.

And everything is still broken. /cpanel/ /webmail/ etc etc.

Regards
Phillip

**nickn** · 06-07-2004 11:38 PM

Make sure you are running C12...still broke on C12?

**Choppy** · 06-07-2004 11:47 PM

snickn

techark says he is running C12 but still the same.

Regards
Phillip

**techark** · 06-08-2004 12:01 AM

Updating to Edge fixed it.

**Choppy** · 06-08-2004 12:07 AM

So breaking other things or risking other things is a better solution?

Hmm.

Regards
Phillip

**techark** · 06-08-2004 12:16 AM

Hey I am not a happy camper either this is 3 rd time in 4 days I have had to complie Apache across 60 something servers.

Getting kind of old if you know what I mean.

Firstit was update to 1.3.1 right away then a few hours after I did that it was ModSSL has to be done now this.

**bman** · 06-08-2004 01:29 AM

but for some one running stable cpanel he/she should not upgrade apache ?
and to upgrade justy run buildapache and click build with out changeing the options ?

**Dreamer** · 06-08-2004 02:56 AM

I'm on build 12 and /cpanel definetly works.

**techark** · 06-08-2004 03:02 AM

The upgrade seems to have broken Front page on all our servers.

ARCGHHHHHHH!!!!!

**bman** · 06-08-2004 03:02 AM

i updated to WHM 9.4.0 cPanel 9.4.0-E13
and did buildapache without changeing any options
every thing seems working ok but did i need to change any options in buildapache ?
or should i do /scripts/easyapache ?
what option should i pick in /scripts/easyapache ? is it 5 or 1 ?
thanks

**iko** · 06-08-2004 06:17 AM

I recommend not updating to a Current version. The STABLE tree is buggy enough to use buggier versions l

**kris1351** · 06-08-2004 09:47 AM

Seems we have less trouble running current versions than any other. We have been keeping all servers on Current since March with no issues.

**rodolfochka** · 06-08-2004 11:39 AM

I just updgraded Apache and cpanel to this:
WHM 9.4.0 cPanel 9.4.0-C12

and is working fine, the url's are working fine.
There is no error in the main page:
Security There are no known security problems with the build of cPanel you are using!

rodolfochka

LinkBack

Thread Tools

Security A Security hole has been discovered in the cPanel's suexec/mod_php handlers.

Knowing the CPanel version: A Security Hole

Cpanel's exim a security hole according to nessusd

Cpanel DEMO from ROOT Security Hole

the cpanel security hole thing