Possible security hole in cPanel?

[agentblack]

Wondering if there are any cPanel security specialists available to discuss a possible security hole within cPanel.

This has already been brought to the attention of cPanel, but it has been met with the standard, "not our problem" email.:smash:

Please contact us via PM.

Regards.

 

[handsonhosting]

We do a lot of work with cPanel, and a lot of extra developer stuff with their software too. You'll probably get more of a response at the cPanel forums, but if you want to drop me a PM, I can have our guys look at things and duplicate issues on our servers if they are an issue.

 

[RandyTHQ]

wow. this is shocking real shocking. i hope there is no hole

 

[HostLeet]

Wondering if there are any cPanel security specialists available to discuss a possible security hole within cPanel.

This has already been brought to the attention of cPanel, but it has been met with the standard, "not our problem" email.:smash:

Please contact us via PM.

Regards.

You're probably much better off posting on the cPanel forums like Conor advised, but I would also take him up on his offer and let him help you as well. Conor is one of the most knowledgeable hosting Gurus out there for sure.. Between him and Steve, I think HD forums produce as much helpful content as the other BIG hosting forum does (you all know the one! ), but without all the massive garbage threads. :thumbup:

 

[agentblack]

I don't want to alarm anyone by any means. I've already sent this off to cPanel and got less than stellar response, so I was hoping to have another set of eyes look at this.

Conner you have a PM inbound shortly.

 

[Bullten]

I hope you are not talking about cpanel CSRF exploit?

 

[agentblack]

I'm not sure. I'm waiting on Conner to get back with me.

 

[kunnusingh]

Why not upgrade your cPanel to latest version?

They already warn their users for this and release a new version.

 

[agentblack]

Everything is already updated to the current release. We are well aware of their "warnings".

 

[RandyTHQ]

do let us know the results:smash:

 

[SolidShellSecur]

Did anything ever come of this?

 

[agentblack]

With the assistance of handsonhosting the issue has been resolved. Appears I was just being overly cautious.

 

[jdevelopers]

Being cautious is good, especially if you've made some investments on websites running cPanel. I'm not saying cPanel is broken or vulnerable. But with the pace technology is changing everyday, critical applications can become obsolete in a heartbeat.

 

[HostOX]

Not our problem? That's a nice way to answer your clients who keep you fed and watered.

 

[twhdir]

By the way, Does any one know How to uninstall cPanel from Linux Server??

 

[easyhostmedia]

By the way, Does any one know How to uninstall cPanel from Linux Server??

their is only one way to do this and that is to reinstall your OS