Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

SOLVED PHP IMAP Module Security Report

Discussion in 'Security' started by baroninn, Mar 4, 2019.

  1. baroninn

    baroninn Registered

    Joined:
    Jan 31, 2018
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Iceland
    cPanel Access Level:
    Root Administrator
    Did you guys see this:
    imap_open exploit
    Blog on the matter:
    portswigger.net/daily-swig/fresh-exploit-takes-the-shackles-off-disabled-php-functions

    How to test the exploit:
    github.com/Bo0oM/PHP_imap_open_exploit/blob/master/exploit.php

    I recently got myself a CRM system that didnt work on one host so I moved it to my cPanel server and everything worked perfectly there.
    I contacted the first hosting provider and they said there was a huge security exploit with imap_open function so they closed it up.

    That made me think about cPanel.
    Should I close it up on my cPanel host or have you guys taken any steps to prevent this exploit ?
     
    #1 baroninn, Mar 4, 2019
    Last edited by a moderator: Mar 4, 2019
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    46,991
    Likes Received:
    2,122
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    Infopro likes this.
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice