The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

I am worried about this article.

Discussion in 'General Discussion' started by anton_latvia, Feb 9, 2006.

  1. anton_latvia

    anton_latvia Well-Known Member
    PartnerNOC

    Joined:
    May 11, 2004
    Messages:
    348
    Likes Received:
    3
    Trophy Points:
    18
    Location:
    Latvia
    cPanel Access Level:
    Root Administrator
    Hello to all!
    I would like to apologize if my topic is off-topic, but I am a little bit worried after reading this article: http://www.zone-h.org/advisories/read/id=8668
    How do you think, is it critical or may be already fixed?

    Anton.
     
  2. brianoz

    brianoz Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,146
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    I'm not sure whether it's fixed, but the important point is that the exploit can only be run by one of your users, that is, they have to sign up with you first. This makes it fairly unlikely, and I'm sure cpanel will fix it in the near future.
     
  3. nyjimbo

    nyjimbo Well-Known Member

    Joined:
    Jan 25, 2003
    Messages:
    1,125
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    New York
    I have always felt that way, however since so many customers love to use stupid passwords like "1234", "qwerty", "ncc1701" and other idiocy its not too much work for a hacker to get into a system as a "user".
     
  4. anton_latvia

    anton_latvia Well-Known Member
    PartnerNOC

    Joined:
    May 11, 2004
    Messages:
    348
    Likes Received:
    3
    Trophy Points:
    18
    Location:
    Latvia
    cPanel Access Level:
    Root Administrator
    well.. ncc1707 is not that much stupid. I think stupid is when customer is using the same password as his login name. like mama:mama. :eek:
     

Share This Page