GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   ATTN: Security Alert: Cpanel Users/Owners - SERIOUS ALERT Damnit (https://gfy.com/showthread.php?t=658661)

Adult Warden 09-23-2006 02:41 PM
ATTN: Security Alert: Cpanel Users/Owners - SERIOUS ALERT Damnit
 
Aight...Word just came in about a new exploit for Cpanel (go figure)

Looks like there's a root exploit out for cPanel servers

Very serious: Gives attackers full root access, will not show up in rootkit checks. Many of your machines may already be affected.

Official word from Cpanel: "This has been confirmed and patched. Running /scripts/upcp will fix the vulnerability in all builds. Please note that this is a local exploit which requires access to a cPanel account.

Please send information such as this to [email protected] to make us aware. The first communication we received was at 2:15pm CST. If you believe you have been exploited through this vulnerability, you are welcome to submit a support request for assistance. (https://tickets.cpanel.net/submit/in...eqtype=tickets)"

Reference: http://www.webhostingtalk.com/showthread.php?t=549457

DO NOT IGNORE THIS WARNING!

Ice 09-23-2006 02:43 PM
wheeeew got in before squishypimp :glugglug

Adult Warden 09-23-2006 02:45 PM
Quote:
Originally Posted by Ice
wheeeew got in before squishypimp :glugglug
:1orglaugh :1orglaugh

spasmo 09-23-2006 02:48 PM
If you're actually running a web-based admin tool, at the very least put .htaccess or AuthCookie in front of it.

:2 cents:

tranza 09-23-2006 02:49 PM
Should I warn Webair?

the alchemist 09-23-2006 02:50 PM
People still use that crap? :1orglaugh

Adult Warden 09-23-2006 02:57 PM
Quote:
Originally Posted by tranza
Should I warn Webair?
I don't have them on my icq list...So yeah

spasmo 09-23-2006 02:58 PM
Quote:
Originally Posted by the alchemist
People still use that crap? :1orglaugh
Why do it the right way when you can point and click? :1orglaugh

squishypimp 09-23-2006 03:00 PM
Quote:
Originally Posted by Ice
wheeeew got in before squishypimp :glugglug
lol how did i miss this one??????

Sparks 09-23-2006 03:00 PM
Quote:
Originally Posted by tranza
Should I warn Webair?
Webair uses their own custom panel.

Thanks for the heads up Adult Warden, I have Cpanel on a few of my boxes right now. Going to fix it now!

Adult Warden 09-23-2006 03:07 PM
Quote:
Originally Posted by Sparks
Webair uses their own custom panel.

Thanks for the heads up Adult Warden, I have Cpanel on a few of my boxes right now. Going to fix it now!
Even if they mostly use their own panel...Some will request cpanel...As its widely known and user friendly...

com 09-23-2006 03:13 PM
this is why i love admin panels :)

chaze 09-23-2006 03:22 PM
Quote:
Originally Posted by Adult Warden
:1orglaugh :1orglaugh

Quick draw :pimp

borked 09-23-2006 03:24 PM
admin panels are great for virtual hosting - giving each virtual host their own web panel to adminsiter their domain. But I draw the line at a cp where you have to enter your root password like cPanel to administer a server, like WHM in the cPanel bundle. What's wrong with the CLI?

spasmo 09-23-2006 03:28 PM
Quote:
Originally Posted by borked
What's wrong with the CLI?
Learning curve.

woj 09-23-2006 03:44 PM
Quote:
Originally Posted by Ice
wheeeew got in before squishypimp :glugglug
:1orglaugh

Adult Warden 09-23-2006 04:38 PM
Bump For Alert

Adult Warden 09-23-2006 07:53 PM
Another bump...Help me keep this bumped so people know and protect their shit

fallenmuffin 09-23-2006 07:56 PM
Everythough it's at the top...

BUMP! for Adult Warden oh and security

kacy 09-23-2006 10:49 PM
And yet another reason why Naked Hosting does NOT use cpanel ;)


All times are GMT -7. The time now is 11:41 AM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123