Major Horde/cPanel Exploit!

	Home Register Search Help Login

Sponsors

Shopping Cart Software
Ecommerce software integrated into Frontpage, Dreamweaver and Golive templates. No monthly fees and available in ASP and PHP versions.

Website Templates
We also have a wide selection of Dreamweaver, Expression Web and Frontpage templates as well as webmaster tools and CSS layouts.

Frontpage website templates
Creative Website Templates for FrontPage, Dreamweaver, Flash, SwishMax

Search Forums

Recent Posts

Todays Posts
Most Active posts
Posts since last visit
My Recent Posts
Mark posts read

Major Horde/cPanel Exploit!

View related threads: (in this forum | in all forums)

Logged in as: Guest

Users viewing this topic: none

Printable Version

All Forums >> Community >> OutFront Discoveries >> Major Horde/cPanel Exploit!

Page: [1]


BobbyDouglas Posts: 5431 Joined: 5/15/2003 From: Arizona Status: offline	Major Horde/cPanel Exploit! - 3/6/2008 22:35:04 Anyone who currently uses Horde webmail with the control panel cPanel, may want to make sure your host is aware of a new security exploit. This exploit has been verified to provide root access to the server. Not all hosting companies have been made aware of this, so you may want to double check that Horde is NOT enabled on your server. If it is, you will want to let them know about the security exploit. SECURITY ALERT: Horde arbitrary file inclusion vulnerability. I went to a couple hosting companies that some of the members here use, and so far, not a single one has disabled/fixed Horde. _____________________________ Arizona Web Design - Mr Bobs Web Design in Arizona The Arizona Web Hosting Challenge


jaybee Posts: 13957 Joined: 10/7/2003 From: Berkshire, UK Status: offline	RE: Major Horde/cPanel Exploit! - 3/7/2008 8:13:02 I had two client sites hacked via that route last week. _____________________________ If it ain't broke..... fix it until it is. GAWDS Now where did I put that Doctype? (in reply to BobbyDouglas)


BobbyDouglas Posts: 5431 Joined: 5/15/2003 From: Arizona Status: offline	RE: Major Horde/cPanel Exploit! - 3/7/2008 13:30:11 quote: ORIGINAL: jaybee I had two client sites hacked via that route last week. - Upgrade has been made available from cPanel. Tested and verified that it is working. You should login to your cPanel and verify that you are running version 11.18.2 or higher. _____________________________ Arizona Web Design - Mr Bobs Web Design in Arizona The Arizona Web Hosting Challenge (in reply to jaybee)


treetopsranch Posts: 959 From: Cottage Grove, OR, USA Status: offline	RE: Major Horde/cPanel Exploit! - 3/7/2008 21:09:51 Does that version (11.18.2) still allow FP extensions? _____________________________ Don from TreeTops Ranch, Oregon "I've got a taste for quality and luxury" (in reply to BobbyDouglas)


BobbyDouglas Posts: 5431 Joined: 5/15/2003 From: Arizona Status: offline	RE: Major Horde/cPanel Exploit! - 3/7/2008 23:28:24 I just checked on a couple client sites running FPSE and they appear to still work. cPanel hasn't mentioned that FPSE have been removed, so I would assume they still work. I do know there are a couple hosts who have already decided to remove FPSE. It's bound to happen to everyone sometime. We won't remove it until there is an actual security issue though. _____________________________ Arizona Web Design - Mr Bobs Web Design in Arizona The Arizona Web Hosting Challenge (in reply to treetopsranch)

Page: [1]

All Forums >> Community >> OutFront Discoveries >> Major Horde/cPanel Exploit!

Page: [1]

Jump to: 1

New Messages	No New Messages
Hot Topic w/ New Messages	Hot Topic w/o New Messages
Locked w/ New Messages	Locked w/o New Messages

Post New Thread

Reply to Message

Post New Poll

Submit Vote

Delete My Own Post

Delete My Own Thread

Rate Posts