Full Disclosure mailing list archives

Re: cpanel exploit

From: Rob Lemos <mail () robertlemos com>
Date: Fri, 29 Sep 2006 14:23:14 -0400

On Fri, 2006-09-29 at 06:56 -0400, Todd Burroughs wrote:

Anyone have any info on this cpanel exploit.   I have a friend who found it
pretty open to full user level acess, but not root.

I'm curious to know what the hole is/was.

http://www.thewhir.com/marketwatch/092706_Web_Hosts_Hit_by_Hackers.cfm

http://news.netcraft.com/archives/2006/09/23/hostgator_cpanel_security_hole_exploited_in_mass_hack.html


More information here as well:
http://www.securityfocus.com/news/11415

-- 
| robert lemos | mail () robertlemos com | 
| editor-at-large | securityfocus |
| security watch columnist | pc magazine |
| technology & science journalist | http://www.robertlemos.com |

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

cpanel exploit Todd Burroughs (Sep 29)
- Re: cpanel exploit Rob Lemos (Sep 29)
- <Possible follow-ups>
- cpanel exploit cp haquer (Sep 30)