
This post is for *ANY* customers running cPanel based servers. An overflow exploit has been found in cPanel's recent password recovery utility. This exploit allows an unauthenticated user to feed strings of text, in plain text format, to *any* cPanel based server which has the "allow cPanel users to reset their password via email" function enabled under tweak settings.

The commands that are run from this dump go directly into your Linux/Unix CLI and are run as root; therefore a potential attacker can do anything they please, from sending a silly message, to changing your root password, to rebooting your server, to formatting your drive.

We urge everyone running cPanel to disable this feature IMMEDIATELY under the tweak settings area of their WHM panel. This is a gaping security hole which poses a threat to anyone who does not comply ASAP.

This applies only to our dedicated non-managed server clients and not to clients who have reseller accounts or virtual accounts on our shared servers; we have patched the issue on all our managed and shared servers.
