The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

important (mod_phpsuexec)

Discussion in 'General Discussion' started by prof, Jan 22, 2005.

  1. prof

    prof Member

    Joined:
    Jan 22, 2005
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    Dears,

    that mod_php is installed by default on cPanel installations making all cPanel default installations to be vulnerable. The flaws are outlined below:

    When mod_php is enabled, all PHP scripts are executed as the same user as the web server, the "nobody" user. This allows all users to execute arbitrary code as a common user simply by creating a PHP script. This is the default behavior of cPanel installations

    now, is there any ways or suggetions to fix this vulnerability ??

    best ragards

    ــــــــــــــــــــــــــــــــــ
    Prof
     
  2. rs-freddo

    rs-freddo Well-Known Member

    Joined:
    May 13, 2003
    Messages:
    832
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Australia
    cPanel Access Level:
    Root Administrator
    buildapache with phpsuexec - it's in WHM.
     
  3. brentp

    brentp Well-Known Member

    Joined:
    Mar 11, 2004
    Messages:
    324
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Ayr, North Queensland, Australia
    its not really a vulnerability just disable the system, exec, and those sort of functions in php.ini.

    Regards,
    Brent
     
Loading...
Similar Threads - important (mod_phpsuexec)
  1. John Tadros
    Replies:
    2
    Views:
    164

Share This Page