Quote:
Originally posted by BlackRain
As far as the security issues go, I can only find these for Cpanel 5
*** {03.08.025} Cross - CPanel CGI multiple vulnerabilities
The CPanel CGI suite version 5 contains two vulnerabilities: remote
command execution via guestbook.cgi and local root privilege elevation
via the oom openwebmail script.
These vulnerabilities are not confirmed.
Source: VulnWatch
http://archives.neohapsis.com/archiv...3-q1/0087.html
|
Different type of security issue that adult hosts are weary of.
Let me explain:
To run cpanel fully you need to have everything on one server. Mail, named, and webserver. This not only put quite a load on a server that could be maxed out the days you get high traffic IE: a hun listing with a movie gallery.
It also opens up the server for all the attacks that would become available. Hosting companies minimize this risk by only running named on thier few name servers. Thus if a vulnerability pops up they don't have to fix every server only the few thats running named for them.
Same as above with mail.
Also it has been shown that even if they offer this type of service to thier customers it doesn't reduce the amount of tech support it in fact increases it. Because now the techs have added software they must maintain and support for the customers. Along with the added cost of tech support for these programs they also must pay the hefty fee's every month for the software licenses.
It's just not a viable option to most businesses.
I hope this explains it better.