Author Topic: Update cPanel..  (Read 2686 times)

0 Members and 1 Guest are viewing this topic.

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Update cPanel..
« on: September 24, 2006, 10:34:38 am »
.. there is a local root attack (ie, for users with a cPanel account already):

Quote
[snip]

HostGator says hackers compromised its servers using a previously
unknown security hole in cPanel, the control panel software that is
widely used by hosting providers. "I can tell you with all accuracy
that this is definitely due to a cPanel exploit that provides root
access and all cPanel servers are affected," said HostGator system
administrator Tim Greer. "This issue affects all versions of cPanel,
from what I can tell, from years ago to the current releases, including
Stable, Release, Current and Edge."

cPanel has just released a fix. "Running /scripts/upcp will fix the
vulnerability in all builds," cPanel said in a message on its user
forums. "Please note that this is a local exploit which requires access
to a cPanel account. ... If you believe you have been exploited through
this vulnerability, you are welcome to submit a support request for
assistance."

Hackers gained access to HostGator's servers late Thursday and began
redirecting customer sites to outside web pages that exploit an
unpatched VML security hole in Internet Explorer to infect web surfers
with trojans. The existence of the new "0-day" exploit of cPanel leaves
a large number of hosting companies vulnerable to similar attacks until
they install the patch. The riusk is mitigated somewhat by the fact
that it is a local exploit, meaning any attack on a host must be
launched from an existing account with cPanel access.

HostGator site owners said iframe code inserted into their web pages
was redirecting users to the malware-laden pages. Company staff made
several efforts to reconfigure servers on Friday, only to have the
exploits recur. By early Saturday morning, HostGator managers were
assuring users that the cause of the redirections had been isolated,
and was due to a new exploit targeting cPanel.

[snip]

Link:
http://news.netcraft.com/archives/2006/09/23/hostgator_cpanel_security_hole_exploited_in_mass_hack.html

- ferg



Offline Blaze

  • x86
  • Hero Member
  • *****
  • Posts: 7136
  • Canadian
    • View Profile
    • Maide
Re: Update cPanel..
« Reply #1 on: September 24, 2006, 01:29:02 pm »
Very neat.  :)
And like a fool I believed myself, and thought I was somebody else...