Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

important (mod_phpsuexec)

Discussion in 'General Discussion' started by prof, Jan 22, 2005.

  1. prof

    prof Member

    Joined:
    Jan 22, 2005
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    151
    Dears,

    that mod_php is installed by default on cPanel installations making all cPanel default installations to be vulnerable. The flaws are outlined below:

    When mod_php is enabled, all PHP scripts are executed as the same user as the web server, the "nobody" user. This allows all users to execute arbitrary code as a common user simply by creating a PHP script. This is the default behavior of cPanel installations

    now, is there any ways or suggetions to fix this vulnerability ??

    best ragards

    ــــــــــــــــــــــــــــــــــ
    Prof
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. rs-freddo

    rs-freddo Well-Known Member

    Joined:
    May 13, 2003
    Messages:
    832
    Likes Received:
    1
    Trophy Points:
    168
    Location:
    Australia
    cPanel Access Level:
    Root Administrator
    buildapache with phpsuexec - it's in WHM.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. brentp

    brentp Well-Known Member

    Joined:
    Mar 11, 2004
    Messages:
    324
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Ayr, North Queensland, Australia
    its not really a vulnerability just disable the system, exec, and those sort of functions in php.ini.

    Regards,
    Brent
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice