Security Vulnerability?

[anup123]

http://secunia.com/advisories/15770/

Any news from cPanel on this?

Thanks
Anup

[chirpy]

You should email the link to security@cpanel.net

[darren]

This is a known and fixed problem, it was released a few days ago but only affects versions of cpanel somewhere around 6 months old (cpanel 10.x is not affected). for anyone who has not updated in quite some time, updating to the latest release of whatever build version you follow will fix it.

[anup123]

This is a known and fixed problem, it was released a few days ago but only affects versions of cpanel somewhere around 6 months old (cpanel 10.x is not affected). for anyone who has not updated in quite some time, updating to the latest release of whatever build version you follow will fix it.

From secunia:
The vulnerability has been confirmed in version 10.2.0-R82. Other versions may also be affected.

Not sure what this means as

RELEASE
10.2.0-RELEASE_82
(Sat May 7 17:32:13 2005)

Is the one that's available latest.

Anup

[DigiCrime]

i posted this on bugzillia early this morning I got yelled at for it I forget about sending it to security@cpanel.net

Oh well

[darren]

Hello again,
I investigated this a bit further and found that some browsers still allow for it to work. The head developer put in a patch for it that is out in EDGE now, so if anyone is looking to test it, that's the build you need.