Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

exim/YAML security issue?

Discussion in 'Security' started by vltech, Feb 2, 2013.

  1. vltech

    vltech Registered

    Jan 24, 2013
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Website Owner
    I'm watching the horror show that is the recently discovered vulnerablity in Ruby on Rails unfold (see The problem turns out to be in RoR's use of/parsing of YAML files.

    Lots of things use YAML. For instance, just the other day I was messing about with cpanel's email filtering functionality, and discovered it uses YAML. I'm not sure if that's on cpanel's side of the fence or exim's side of the fence. But it seems maybe somebody at cpanel should be looking into this? Because like that article says, now that the role of YAML in compromising RoR is widely known, the blackhats will be scrutinizing other widely adopted stacks and apps which also use YAML, to see if the same kinds of attacks work against them, too.

    For that matter:

    cpanel, you looking into this?

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice