Server was hacked via cPanel demo...

[WreckRman2]

This morning my server with EV1 was hacked. The EV1 support center determined that the hacker made his way into the system via the cPanel demo I had available on my server. The hacker was able to upload a file into my /tmp directory that was performing DOS attacks.

Now I really like cPanel but it's a shame that their own demo mode isn't secure. Needless to say I won't be offering a demo mode anymore and I wanted to share this eith everyone else.

If you have any questions I'll gladly answer them but I will say everything on my server was up to date.

[GordonH]

This is possibly related to the php issue I reported earlier in the week.

[jamesbond]

Originally posted by GordonH
This is possibly related to the php issue I reported earlier in the week.

Which has been fixed according to the changelog, but only in EDGE...

[GordonH]

Yes, I dont like updating to edge.
Its OK if you have one or 2 servers but we have nearly 60 and if there is a bug in the edge release it can be a nightmare to try and deal with across so many boxes.

[netwrkr]

Originally posted by GordonH
This is possibly related to the php issue I reported earlier in the week.

Can anyone confirm this PHP bug has been exploited on a cPanel server? What is cPanel doing to fix this? If this is a remotely exploitable vulnerability Nick needs to get on the ball and push out a fix in a release update now.

[qbert1987]

anyone herd from the achal cpanel people about this, im keen for a fix so i can offer a demo...

[damainman]

it would be nice to have a timeframe on when the next stable release of cpanel would actually be released.

[netwrkr]

Originally posted by damainman
it would be nice to have a timeframe on when the next stable release of cpanel would actually be released.

agreed. Been almost 3 months already.