cPanel Exploit Used to Circulate IE Exploit 95
miller60 writes "In a dangerous combination of unpatched exploits, hackers have used a previously undiscovered security hole in cPanel to hack the servers of a hosting company and use hundreds of hijacked sites to infect Internet Explorer users with malware using the unpatched VML exploit. cPanel, whose hosting automation software is used by many large hosting companies, has issued a fix. It's a local exploit, meaning the attacker must control a cPanel account on the target hosting provider."
Re:Someone has to.... (Score:4, Informative)
Temporary Fix (Score:5, Informative)
And to be completely safe you can unregister the
Copy the following command to clipboard and Paste into Run:
regsvr32 -u "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll"
Then when Microsoft gets around to fixing this (Probably on the next patch Tuesday) you can restore it:
regsvr32 "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll"
Want to bet this code is in Vista somewhere?
cPanel fix (Score:5, Informative)
Re:As always.. (Score:5, Informative)
http://forums.hostgator.com/showthread.php?t=1092
I'm a customer whose site didn't have problems, but I am satisfied with how they got on this problem. Not perfect, but definetly good. Of course when I read this headline I was shitting bricks for a moment or two.
Owner of hostgator here (Score:4, Informative)
Hostgator support forum discussion on the virus (Score:5, Informative)
Re:Temporary Fix (Score:4, Informative)
Re:firefox (Score:3, Informative)
Re:CPanel bugs and malware hosting combo old (Score:1, Informative)
Unfortunately cPanel consists of several million lines of uncommented perl code. Integral parts of almost every operation go through a large closed-source binary generated from perl code which makes it impossible to audit.
You may be also interested in knowing that cPanel was started by someone when they were around 12 years old, and much of that code still is still in use. None of the cPanel developers have had any formal programming teaching and learn from each others bad habbits. This is why the cPanel code is in such bad shape. Just look at the
Re:Temporary Fix (Score:3, Informative)
Re:firefox (Score:3, Informative)
Re:Bluehost issued a fix. (Score:5, Informative)
Re:Bluehost issued a fix. (Score:4, Informative)
Re:Bluehost issued a fix. (Score:2, Informative)
Re:firefox (Score:4, Informative)
I hope your'e patched up. Script kids have been doing the rounds with a file disclosure exploit in Webmin/Usermin for a while now. Thousands of machines have been compromised by it.
Check the miniserv.log for "..%01/..%01/..%01" or similar strings.
Re:As always.. (Score:2, Informative)
Cpanels patch doesn't work! Read!! (Score:2, Informative)