The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

New WHM (SSH) exploit

Discussion in 'General Discussion' started by WeMasterz5, Feb 16, 2005.

  1. WeMasterz5

    WeMasterz5 Well-Known Member

    Joined:
    Feb 24, 2003
    Messages:
    361
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Miami
    its out there, I have the proof, been working with one of the techs at server matrix, not sure if we have fixed it yet.. has anyone got anykind of info on any new exploits using ssh

    were running WHM 10.0.0 cPanel 10.0.0-C103
    RedHat Enterprise 3 i686 - WHM X v3.1.0
     
  2. LP-Trel

    LP-Trel Well-Known Member

    Joined:
    Oct 13, 2003
    Messages:
    184
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Nirvana
    If your version of the OpenSSH daemon is out of date it can be exploited but, I highly doubt WHM itself has an SSH exploit since it has zero to do with ssh.
     
  3. WeMasterz5

    WeMasterz5 Well-Known Member

    Joined:
    Feb 24, 2003
    Messages:
    361
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Miami
    well maybe not whm itself, but its something, I witnessed it as it was being done.. and with this there is ssh access, with root access that gives you read/write access on any account on the server
     
  4. haze

    haze Well-Known Member

    Joined:
    Dec 21, 2001
    Messages:
    1,550
    Likes Received:
    3
    Trophy Points:
    38
    Can you give us any further info on this exploit ? Is it publicly available somewhere ? ( url plz? ) can you provide us or email me a copy of the source if you still have it on the box. Thanks.
     
  5. WeMasterz5

    WeMasterz5 Well-Known Member

    Joined:
    Feb 24, 2003
    Messages:
    361
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Miami
    we do not have this yet.. still working on that part.. all I know is that this exploit does work and it does give you read/write access on any account on a cpanel server

    I posted here to see if anyone else has any kind of information about this so we can get this fixed
     
  6. DigitalN

    DigitalN Well-Known Member

    Joined:
    Sep 23, 2004
    Messages:
    420
    Likes Received:
    1
    Trophy Points:
    18
    You should have sent this to security@cpanel.net if it is real and you are working on it with servermatrix already, you know how to carry out this exploit, so let cpanel know, but don't post it within this forum, till its fixed, if it is real.
     
  7. WeMasterz5

    WeMasterz5 Well-Known Member

    Joined:
    Feb 24, 2003
    Messages:
    361
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Miami
    it has been just passed to cpanel techs, had to wait till the replied to my ticket, and I am aware of the ramifications of posting stuff like this in a public area :)
     
  8. michthien

    michthien Member

    Joined:
    Nov 17, 2004
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Cpanel and SSH and kernel 2.4.28 and less

    there was a expoil for all the kernel except 2.4.29 and 2.6.10.
     
  9. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Without some URL's to what you're talking about, this just amounts to FUD and is silly.
     
Loading...

Share This Page