CPanel Vulnerability Wreaks Havoc with Sites on HostGator - Security


Thread: CPanel Vulnerability Wreaks Havoc with Sites on HostGator

  1. CPanel Vulnerability Wreaks Havoc with Sites on HostGator

    Netcraft reports that very many sites hosted on Hostgator were redirected to web pages
    containing the current Microsoft VML exploit.

    The article is at
    http://news.netcraft.com/archives/2006/09/23/hostgator_cpanel_security_hole_exploited_in_mass_hack.html
    (watch the wrap)

    It does not specify the vulnerability in CPanel, because it is a new flaw ("0-day") not
    known to the public (not the Cross Site Scripting problem CPanel fixed in August). The
    vulnerability needs local access, which limits its use. A compromised customer with access
    to CPanel or a way into the server is required to execute the exploit.

    Notwithstanding, HostGator will probably not end up as the only one affected by the flaw.

    CPanel has made a patch which can be obtained automagically by performing /scripts/upcp in
    your installation. If you administer a server farm and you have more than a few clients
    using CPanel then have your weekend admin install the patch.



  2. Re: CPanel Vulnerability Wreaks Havoc with Sites on HostGator

    __/ [ I Hate Stock Spams ] on Sunday 24 September 2006 06:29 \__

    > Netcraft reports that very many sites hosted on Hostgator were redirected
    > to web pages containing the current Microsoft VML exploit.
    >
    > The article is at
    > http://news.netcraft.com/archives/2006/09/23/hostgator_cpanel_security_hole_exploited_in_mass_hack.html
    > (watch the wrap)
    >
    > It does not specify the vulnerability in CPanel, because it is a new flaw
    > ("0-day") not known to the public (not the Cross Site Scripting problem
    > CPanel fixed in August). The
    > vulnerability needs local access, which limits its use. A compromised
    > customer with access to CPanel or a way into the server is required to
    > execute the exploit.
    >
    > Notwithstanding, HostGator will probably not end up as the only one
    > affected by the flaw.
    >
    > CPanel has made a patch which can be obtained automagically by performing
    > /scripts/upcp in your installation. If you administer a server farm and you
    > have more than a few clients using CPanel then have your weekend admin
    > install the patch.


    I read about this earlier. It seems harmless to those of us who share a
    server with sites that are not malicious, e.g. if the host harbours no
    pornographic content. The motive in this recent hack is the exploitation of
    Internet Explorer vulnerabilities by proxy, so to speak.

    Speaking of cPanel hacks, I still haven't got my anonymous FTP back. It has
    been over a year since my host took it down, due to security threats.

    Best wishes,

    Roy

    PS - I miss this NG. Hello everyone!
