cPanel, IE Security Flaws Exploited by Hackers
(Page 1 of 4 )
It’s the kind of story that scares just about anyone in the web hosting business: a combination of holes that lets hackers redirect visitors to their customers’ sites. So angry web surfers end up at malware-laden web sites, angry site owners lose traffic and goodwill, and what do web hosts do? Keep reading to find out.
Halloween came early this year for a number of web hosts – September 19, to be exact. It was right around then that a security issue in Microsoft’s Internet Explorer browser, discovered by Sunbelt Software, was made public. Here’s the official description from US-CERT:
“Microsoft IE version 5.0 and higher supports the Vector Markup Language (VML), which is a set of XML tags for drawing vector graphics. IE fails to properly handle malformed VML tags allowing a stack buffer overflow to occur. If a remote attacker can persuade a user to access a specially crafted web page with IE, that attacker may be able to trigger the buffer overflow. In addition, an attacker could deliver an HTML email message or entice a user to select an HTML document in Windows Explorer.”
The stack buffer overflow exploit could allow a remote attacker to execute arbitrary code, such as Trojans or other malware, on a vulnerable system. But this only works if you get the web surfer to that “specially crafted web page” and they’re using IE. Many surfers are savvy enough not to click on links in spam messages. So what’s a determined hacker to do?
The answer came in the form of a cPanel security issue. cPanel is a widely used hosting control panel. The flaw was previously unknown, but “I can tell you with all accuracy that…[the cPanel exploit] provides root access and all cPanel servers are affected. This issue affects all versions of cPanel, from what I can tell, from years ago to the current releases, including Stable, Release, Current, and Edge,” according to Tim Greer, a system administrator for HostGator. And he should know; HostGator was one of seven web hosts that became victims of hackers who took advantage of the two security holes.
More Web Hosting News Articles
More By Terri Wells