Cpanel Exploit

Open Discussion

Free Web Hosting, No Ads Portal

Free Web Hosting

Welcome Guest ( Log In | Register)

Open Discussion > CONTRIBUTE > Computers > Computer Security Issues & Exploits

Reply to this topic

Start new topic

Cpanel Exploit, security hole in cPanel to hack the servers of a hosting company

aka-2 View Member Profile Find Member's Posts	Sep 25 2006, 09:00 AM Post #1
Newbie [Level 3] Group: Members Posts: 45 Joined: 16-July 06 Member No.: 26,699	A pair days ago I read this new on Slashdot: cPanel Exploit Used to Circulate IE Exploit QUOTE "In a dangerous combination of unpatched exploits, hackers have used a previously undiscovered security hole in cPanel to hack the servers of a hosting company and use hundreds of hijacked sites to infect Internet Explorer users with malware using the unpatched VML exploit. cPanel, whose hosting automation software is used by many large hosting companies, has issued a fix. It's a local exploit, meaning the attacker must control a cPanel account on the target hosting provider." Trap17 uses cpanel tool in its hosting, and a few days ago happend this "Kidnapped Domain?" Do you think it may be the cause? Anybody with this problem? Whatever, sure this exploit will resolved soon. (list)

BuffaloHELP View Member Profile Find Member's Posts	Sep 25 2006, 11:05 AM Post #2
Desperately seeking "any key" to continue... Group: Admin Posts: 3,627 Joined: 23-April 05 From: Trap17 storage box Member No.: 6,042 myCENT:14.10	No. The member who posted regarding misdirected host name was just an isolated incident. The only affected person was the domain owner and the rest of members who replied saw the correct site. That's why I recommended that perhaps a localized spyware might have been redirecting the traffic in the first place. If Trap17 cPanel is at security risk it will also be localized to that member's cPanel. But since the articles do not specify which version of cPanel can be exploited, it's hard to say if Trap17 is safe or not. As far as I can undestand it, it looks like it's limited to HostGator at the moment. Looks like someone/people weren't happy with HostGator? But the method is not that they were attacking cPanel directly but using unsecure IE to "hack" the cPanle access. QUOTE A remote, unauthenticated attacker can execute arbitrary code on a vulnerable system. This means when a computer user failed or ignored to update to Windows security latest patches the IE browser can pickup this malicious codes that can execute when cPanel is accessed with infected IE. The worse virus for computers is uneducated users (list)

Saint_Michael View Member Profile Find Member's Posts	Sep 26 2006, 03:45 AM Post #3
$p4m 0n j00 $h4m3 m3 0nc3 $p4m 0n m3 $h4m3 m3 7\/\/1c3 Group: [HOSTED] Posts: 6,786 Joined: 21-September 04 From: 9r33\|\\| 399$ 4\|\\|D 5P4/\/\ Member No.: 1,218 myCENT:READY[116.60]	Well I just checked a few sites out for those who auto update the software to cpanel get the patch so they are fine. So if OpaQue did have it set to auto update then we are fine. (list)

CrazyRob View Member Profile Find Member's Posts	Sep 26 2006, 04:53 PM Post #4
ITS ALIVE.....MUHHHAAAA Group: Members Posts: 531 Joined: 17-October 05 From: Chippenham UK Member No.: 13,031	I have to say i use cPanel on a fwe of my servers i dont know if you know but the problem can be solved through SSL and just blocking off the 2082 and 2096 ports in cpanel httpd config then only the ssl pots will be active so the holes will be secured. all cpanel distros autmatically update anaway and all the holes should be fixed for cPanel Evelution (version 12). (list)

gameratheart View Member Profile Find Member's Posts	Sep 26 2006, 05:25 PM Post #5
Privileged Member Group: [HOSTED] Posts: 511 Joined: 14-November 05 From: Britannia! Member No.: 14,287 myCENT:42.36	If there was a problem with the cPanel that Trap17 uses, then I would be assured by the fact that OpaQue would quickly be made aware of it and endeavour to fix it. And yeah, Saint_Michael is probably right, OpaQue's probably got an autoupdate feature installed on all of our cPanels anyway, so if there was a problem we'd be protected anyway. (list)

Dooga View Member Profile Find Member's Posts	Sep 27 2006, 03:51 PM Post #6
Moderator Group: [MODERATOR] Posts: 1,342 Joined: 26-December 04 From: Canada Member No.: 2,940 myCENT:73.17	Most Trap17 members aren't that evil anyways (list)

aka-2 View Member Profile Find Member's Posts	Sep 28 2006, 03:11 PM Post #7
Newbie [Level 3] Group: Members Posts: 45 Joined: 16-July 06 Member No.: 26,699	In no way my intention has been expand any rumor, all the oposite. This is a great comunity ang hosting, reason why I'm hosted here. (list)

CrazyRob View Member Profile Find Member's Posts	Sep 28 2006, 07:27 PM Post #8
ITS ALIVE.....MUHHHAAAA Group: Members Posts: 531 Joined: 17-October 05 From: Chippenham UK Member No.: 13,031	cpanel have released the update as critical so all cpanel servers including traps should update automatically. as it installed for me without any interaction what so ever (list)

iGuest View Member Profile Find Member's Posts	Mar 10 2008, 12:31 AM Post #9
Hail Caesar! Group: Members Posts: 5,876 Joined: 21-September 07 Member No.: 50,369	HELP!! Cpanel Exploit Some one has hacked my cpanal and made a bunch of fake email accounts and they are screwing with my web site every once in a while by doing thing like making the margins 200 and changing file extensions. I have been able to fix this easy and quick but can't have this continue -reply by Adam