Web Hosting News

  Home arrow Web Hosting News arrow Page 2 - cPanel, IE Security Flaws Exploited by...
Web Hosting Articles  
Web Hosting FAQs  
Web Hosting How-Tos  
Web Hosting News  
Web Hosting Reviews  
Web Hosting Security  
Weekly Newsletter 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us 
Contact Us 
Site Map 
Privacy Policy 
  >>> SIGN UP!  
  Lost Password? 

cPanel, IE Security Flaws Exploited by Hackers
By: Terri Wells
  • Search For More Articles!
  • Disclaimer
  • Author Terms
  • Rating: 5 stars5 stars5 stars5 stars5 stars / 5

    Table of Contents:
  • cPanel, IE Security Flaws Exploited by Hackers
  • The Set Up
  • The Fallout
  • And What About Microsoft?

  • Rate this Article: Poor Best 
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article




    cPanel, IE Security Flaws Exploited by Hackers - The Set Up

    (Page 2 of 4 )

    It’s important to note that the cPanel exploit requires the attacker to have an existing account with the victim that has cPanel access. While that should limit the damage in theory, in practice it was enough to set off all sorts of havoc. From Thursday, September 19, through the afternoon of September 21, hackers were able to take control of hundreds, perhaps thousands, of Windows-based machines using Internet Explorer.

    The hackers injected iframe exploits into PHP pages located on web hosts’ servers. The exploits in turn redirected some visitors to sites outside the hosts’ networks. These sites exploited the IE vulnerability and installed malware on users’ computers. How widespread is the problem? Eric Sites, vice president of Sunbelt Software, believes that there are about 20,000 web sites trying to exploit this security issue. Not surprisingly, his company first discovered that hackers were using the IE VML flaw on pornographic web sites.

    How could the hackers do this? It was really very simple. The cPanel exploit, according to the company’s thread issuing the security advisory, “allows escalated access.” This means that someone using this exploit that couldn’t normally access other site owners’ pages suddenly can. Worst of all, as previously mentioned it affected every version of cPanel.

    The company recommended “updating to the latest EDGE or CURRENT build as these builds include the latest security patch…” and suggested that “You can either run /scripts/upcp from the command line as root, or you can also upgrade from inside WebHostManager by using the ‘Upgrade to Latest Version’ option within the ‘cPanel’ menu.” The advisory on the forums also explained how to apply the patch without upgrading.

    HostGator founder and president Brent Oxley admitted that the hackers had used the cPanel flaw to access his company’s servers more than a month before they attacked, keeping a low profile until they struck. “They took control of as many servers as they could and they were building an army,” said Oxley of the hackers. “They waited idly for a month and when the Microsoft exploit came out that’s when they launched the attack.” 

    It quickly turned into a nightmare, judging from the posts about the issue. “We have everyone working on the situation, even a few CTOs from other companies we know personally,” said a post from GatorBrent in HostGator’s forums. “We can make the problem disappear for a little while but it keeps coming back on a majority of our servers. We believe this is a 0-day exploit with HostGator being the target. We are being completely overwhelmed currently with chat, phones, tickets, etc. We are working on finding the root of the problem so we can put a stop to it.”

    More Web Hosting News Articles
    More By Terri Wells


    - FreedomPop Offering Open Wi-Fi Service
    - Go Daddy Goes to India
    - Netelligent, Savvis Add New Canadian Web Hos...
    - World IPv6 Launch Happens Today
    - IT Teams Struggle to Keep Pace with Malware
    - Lulz Security Hacks CIA, Takes Requests
    - Apple Unveils iCloud
    - Rackspace Introduces Cloud Load Balancers
    - Amazon Offers Cloud Drive, Disses Music Indu...
    - New Android.Pjapps Trojan
    - Copyright Fight over Hurt Locker Downloads I...
    - Data Reveals Many Browsers Remain Unpatched
    - PandaLabs Report - What Happens to Stolen In...
    - Safari Books Online Review
    - Hackers Targeting Human Rights Groups

    Developer Shed Affiliates


    © 2003-2019 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap