Hey.

Yesterday a new bug was announced at: http://milw0rm.com/exploits/3459

One of my clients informed me that it was exploitable on my servers. I couldn't find anything on Netenberg or this forum about it. I wrote a quick fix for it:

Insert this in file '/usr/local/cpanel/3rdparty/fantastico/includes/load_language.php' before 'if(is_file($userlanguage))':

PHP:
/* NetShock - make sure file is in languages dir */
$tmp = explode('/', $userlanguage);
$userlanguage = $fantasticolangpath . $tmp[count($tmp)-1];

I think the best way to prevent the second exploit would be to deny direct access to files in the includes directory. Unfortunately cPanel doesn't read .htaccess files in the fantastico dir (don't know why). That's why I came up with another fix.

I created a file '/usr/local/cpanel/3rdparty/fantastico/fix.php' containing:

PHP:
<?php
/* NetShock - quick fantastico fix */
$fantasticopath = '';
?>

Then I edited the /usr/local/cpanel/3rdparty/etc/php.ini file. I found the line with auto_prepend_file and modified it as follows:

Code:
auto_prepend_file = "/usr/local/cpanel/3rdparty/fantastico/fix.php" ;fix fantastico register globals bug

I hope it helps. Of course the best thing to do would be to rewrite Fantastico with register_globals set to off.

PS. Feel free to post this on the netenberg.com forum - I tried registering an account there, but didn't get a confirmation email yet.
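
The language-file check from the post, written out as an added example for current PHP (7.1+); it is not part of the original post or of Fantastico, and the function name, temporary directory and sample inputs are constructed. It keeps only the last path component as the quick fix does, then also allowlists the file name and confirms the resolved path is inside the languages directory.

```php
<?php
// Added example, not Fantastico code. The function name, directory layout
// and sample inputs are constructed for illustration.

/**
 * Map a user-supplied language value to a file inside $langDir,
 * or return null if it cannot be resolved safely.
 */
function resolve_language_file(string $langDir, string $requested): ?string
{
    // Keep only the last path component, as the quick fix in the post does.
    // Backslashes are treated as separators too.
    $name = basename(str_replace('\\', '/', $requested));

    // Allowlist the file name: letters, digits, '_' and '-', ending in .php.
    if (!preg_match('/\A[A-Za-z0-9_-]+\.php\z/', $name)) {
        return null;
    }

    // Canonicalise both paths. realpath() returns false for missing files
    // and resolves symlinks, so a link that points outside the directory
    // fails the prefix check below.
    $base = realpath($langDir);
    $path = realpath($langDir . DIRECTORY_SEPARATOR . $name);
    if ($base === false || $path === false) {
        return null;
    }
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return is_file($path) ? $path : null;
}

// Constructed demo: a temporary languages directory holding one file.
$langDir = sys_get_temp_dir() . '/lang_demo_' . getmypid();
mkdir($langDir);
file_put_contents($langDir . '/english.php', "<?php // constructed sample\n");

$samples = ['english.php', '../../../../etc/passwd', '/tmp/other/english.php',
            'http://example.invalid/x.php', 'english.php/.', 'missing.php'];
foreach ($samples as $s) {
    $r = resolve_language_file($langDir, $s);
    printf("%-32s => %s\n", $s, $r === null ? 'rejected' : basename($r));
}

unlink($langDir . '/english.php');
rmdir($langDir);
```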