[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] cpanel exploit

To: Todd Burroughs <todd@xxxxxxxxxx>
Subject: Re: [Full-disclosure] cpanel exploit
From: Rob Lemos <mail@xxxxxxxxxxxxxxx>
Date: Fri, 29 Sep 2006 14:23:14 -0400

On Fri, 2006-09-29 at 06:56 -0400, Todd Burroughs wrote:
> Anyone have any info on this cpanel exploit.   I have a friend who found it
> pretty open to full user level acess, but not root.
> 
> I'm curious to know what the hole is/was.
> 
> http://www.thewhir.com/marketwatch/092706_Web_Hosts_Hit_by_Hackers.cfm
> 
> http://news.netcraft.com/archives/2006/09/23/hostgator_cpanel_security_hole_exploited_in_mass_hack.html

More information here as well:
http://www.securityfocus.com/news/11415

-- 
| robert lemos | mail@xxxxxxxxxxxxxxx | 
| editor-at-large | securityfocus |
| security watch columnist | pc magazine |
| technology & science journalist | http://www.robertlemos.com |

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] cpanel exploit
  - From: Todd Burroughs

Prev by Date: [Full-disclosure] Stealing Search Engine Queries with JavaScript
Next by Date: Re: [Full-disclosure] Stealing Search Engine Queries with JavaScript
Previous by thread: [Full-disclosure] cpanel exploit
Next by thread: [Full-disclosure] Announce: RFDIOt v0.1e released
Index(es):
- Date
- Thread