Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

cpanel bug or what?

Discussion in 'Security' started by upsforum, Dec 20, 2013.

  1. upsforum

    upsforum Well-Known Member

    Joined:
    Jul 27, 2005
    Messages:
    471
    Likes Received:
    0
    Trophy Points:
    166
    on a vps I created a new account yesterday, the account is "dipenden" username, today a user acceded and uploaded a zip file phishing on this ftp account but from cpanel of another account, this is access_log:

    IP-NOAUTH-USER - dipenden [12/20/2013:11:31:25 -0000] "GET /cpsess0000000/frontend/x3/files/img/fileactions/codeedit.png HTTP/1.1" 200 0 "http://www.anotherdomnainonsamevps:2082/cpsess4836193581/frontend/x3/files/selfile.html?dir=%2fhome%2fdipenden%2fpublic_html%2fimage&file=WellsfargoOnline.zip" "Mozilla/5.0 (Windows NT 6.2; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0" "-"

    how is this possible?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #1 upsforum, Dec 20, 2013
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,827
    Likes Received:
    1,898
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello :)

    The ports used to access services such as cPanel/WHM are accessible over any domain name that points to the server. Thus, if a user had valid authentication details, they can use any domain name that points to the server to access cPanel. You are welcome to open a support ticket so we can take a closer look and verify it's not anything more than that:

    Submit A Ticket

    You can post the ticket number here so we can update this thread with the outcome.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 cPanelMichael, Dec 20, 2013
  3. upsforum

    upsforum Well-Known Member

    Joined:
    Jul 27, 2005
    Messages:
    471
    Likes Received:
    0
    Trophy Points:
    166
    thank you, I submitted a ticket
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #3 upsforum, Dec 20, 2013
  4. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,827
    Likes Received:
    1,898
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Would you mind sharing the ticket number so we can update this thread with the outcome?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #4 cPanelMichael, Dec 23, 2013
(You must log in or sign up to post here.)
Loading...
Similar Threads - cpanel
  1. Spork Schivago

    New Thread Are git repositories on cPanel private?

    Spork Schivago, Oct 23, 2018 at 7:17 PM, in forum: General Discussion
    Replies:
    0
    Views:
    7
    Spork Schivago
    Oct 23, 2018 at 7:17 PM
  2. cPanelLauren

    In Progress [CPANEL-23589] - Updates to v76 can break dovecot if the configuration is customized

    cPanelLauren, Oct 23, 2018 at 9:20 AM, in forum: General Discussion
    Replies:
    1
    Views:
    30
    GOT
    Oct 23, 2018 at 9:23 AM
  3. Azim

    New Thread Send Backups to Another cPanel Server?

    Azim, Oct 23, 2018 at 8:00 AM, in forum: Data Protection
    Replies:
    5
    Views:
    42
    GOT
    Oct 23, 2018 at 8:39 AM
  4. Hendra Lismanda

    New Thread Reinstall cPanel & WHM from a valid distribution Error

    Hendra Lismanda, Oct 22, 2018 at 1:17 AM, in forum: General Discussion
    Replies:
    3
    Views:
    42
    24x7server
    Oct 22, 2018 at 9:05 AM
  5. seb.witt

    Pending Publication [CPANEL-22645] Shells spawned via cPanel Terminal inherit memory limits from cpsrvd

    seb.witt, Oct 21, 2018 at 5:50 AM, in forum: General Discussion
    Replies:
    3
    Views:
    70
    cPanelMichael
    Oct 23, 2018 at 12:23 PM

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice