annie Posted September 24, 2006 Posted September 24, 2006 There's a problem with all versions of cpanel, and a fix out. I hope you guys have applied it? Hostgator was compromised because of it. Not pretty! Quote
TCH-Thomas Posted September 24, 2006 Posted September 24, 2006 The latest stable cpanel are 10.8.2-STABLE 120 according to http://layer2.cpanel.net/ and it is what is running on TCH I believe. Quote
mike Posted September 29, 2006 Posted September 29, 2006 My cpanel build is 10.9.0 stable 35 how do I update? Quote
Just_Rob Posted September 29, 2006 Posted September 29, 2006 You cant, this is a server wide setting and TCH updates when they feel comfortable about releasing it across all of the servers and it not causing issues. Quote
mike Posted September 29, 2006 Posted September 29, 2006 Well, great! I don't have to worry about it then. LOVE TCH Quote
Head Guru Posted September 29, 2006 Posted September 29, 2006 Actually there have been three patches released from cPanel over the past several days. Yes, Hostgator had a good majority of there servers compromised, but it was not their fault. This was a 0-day exploit. Not even the vendor knew of the exploit so nothing could be done. We have applied every patch that cPanel has released for this. The patchs that were released would not change the cPanel release numbers your seeing in your control panels. Bill Quote
telcor Posted September 29, 2006 Posted September 29, 2006 As mike noted, the latest Stable build is 10.9.0-S35 for all platforms (check http://layer1.cpanel.net/) The exploit referenced in the first post can be fixed without performing a /scripts/upcp (Update cPanel). No doubt the TCH techs have already taken steps this past weekend to handle this. Thanks guys/gals! Quote
annie Posted September 30, 2006 Author Posted September 30, 2006 Thanks for letting us know. I have since seen websites compromised that seemed to have been due to this exploit. In that case, it was a webhost in the UK. I haven't heard back, so don't know for sure. But all the compromised sites were on the same IP number, so the chance was excellent it was the cpanel hack. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.