12Wonder
September 28th, 2006, 03:31 PM
Some of you already may have heard rumors of a major exploit discovered in cPanel. Last week, a large hosting company was hacked at the root level via the exploit and was serving up a virus on all their customers' web sites.
It was discovered that cPanel contained a vulnerability which would allow anyone who had a hosting account on a server to craft code which would allow them to gain root access to the server with full admin privileges.
There has been a patch put out, several as a matter of fact, to deal with the issue.
I have not said anything about this up until this point as I did not want to spread panic or have people worried needlessly.
I want to make this clear: ALL 12Wonder servers are safe.
Our own tech gurus (Monte et al) have been on the cutting edge of the exploit since it was found, putting a patch in place on every server even before cPanel came out with one themselves, and testing the exploit code against it on test boxes to ensure it was safe.
After cPanel came out with an official patch, our patches were removed and cPanel's patches put into place. Then all servers were again patched 3 other times as cPanel was still having problems with their own patching.
A few days ago cPanel released the final and complete patch and checker script, which was installed and run on all servers that we have control over.
Just want everyone to know we are on the job and your servers are patched. If you have any questions, please open a ticket (http://www.12wonderwebservices.com/helpdesk.php) on it. We will not, however, discuss the exploit, how it works, or what it entailed in any way. And sorry, no, we will not release any info on it which is not already in the public domain.
Special note to FrontPage users: Every time cPanel gets patched, FrontPage extensions can get corrupted, because yes, FP is that proprietary. Sorry, this is something we have no control over. So if you are using FrontPage extensions, you may have had to re-install extensions more frequently than usual. If not, you lucked out ;) Things should calm down for FrontPage users now, at least until Microsoft discontinues all support for FrontPage products in 2008 as they announced last Feb.
Thanks
Anne