Web Hosting News

  Home arrow Web Hosting News arrow Page 3 - cPanel, IE Security Flaws Exploited by...
Web Hosting Articles  
Web Hosting FAQs  
Web Hosting How-Tos  
Web Hosting News  
Web Hosting Reviews  
Web Hosting Security  
Weekly Newsletter 
 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us 
Contact Us 
Site Map 
Privacy Policy 
Support 
 USERNAME
 
 PASSWORD
 
 
  >>> SIGN UP!  
  Lost Password? 
WEB HOSTING NEWS

cPanel, IE Security Flaws Exploited by Hackers
By: Terri Wells
  • Search For More Articles!
  • Disclaimer
  • Author Terms
  • Rating: 5 stars5 stars5 stars5 stars5 stars / 5
    2006-10-18

    Table of Contents:
  • cPanel, IE Security Flaws Exploited by Hackers
  • The Set Up
  • The Fallout
  • And What About Microsoft?

  • Rate this Article: Poor Best 
      ADD THIS ARTICLE TO:
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article
     
     

    SEARCH WEB HOSTERS

    TOOLS YOU CAN USE

    advertisement

    cPanel, IE Security Flaws Exploited by Hackers - The Fallout


    (Page 3 of 4 )

    To its credit, cPanel had a fix out in a real hurry once it was informed of the problem. Meanwhile, HostGator contacted some of its competitors to discover whether they, too, were affected by the exploit. After learning that they were indeed having problems, HostGator passed the fix along to them. The web host said that it also worked with others to develop an additional version of the patch and tried to make sure the problem was fully resolved.

    Some other web hosts were more fortunate than HostGator, or had more warning before they were hit. Upon hearing about the vulnerability, FastServers.Net began updating its cPanel systems; the company completed an update on more than 900 cPanel servers in less than 48 hours. It no doubt helped that they were very experienced with the software, having used cPanel since 1997. “I am very pleased with our security response team’s ability to provide what I consider record-breaking deployment of the patch,” beamed Matt Doyle, director of West Operations for the web host.

    But where does that leave companies that weren’t quite so fast – or might not be quite so fast next time? “There’s really not much you can do since it’s cPanel and it’s out of our control,” Oxley observed. “They have the source, which means they’re the only one that can secure it. There are exploits every day; I’m sure there are going to be many other exploits to be discovered.”

    But you can expect that web hosts will not be content to sit and wait for cPanel to handle it. In fact, one of the victims, web host Network Redux wrote a letter to cPanel about it. In the letter, the web host requested that cPanel engage security consultants for a full security audit of the software’s code base. As reasons for the request, it gave  “the evidence of a local privilege escalation compromise, the large scale issues experienced by the HostGator group, and the closed source nature of your management platform…” Apparently Network Redux, and the six other web hosts on whose behalf it sent the letter (HostGator, BlueHost, Rails Playground, Clear-Data Internet Services, Myriad Network, and HostingZoom) have become so uncertain about the security of cPanel’s platform that “At this point in time we require assurance from a third party entity that your code base provides a secure operating environment for our users.”

    More Web Hosting News Articles
    More By Terri Wells

    WEB HOSTING NEWS ARTICLES

    - FreedomPop Offering Open Wi-Fi Service
    - Go Daddy Goes to India
    - Netelligent, Savvis Add New Canadian Web Hos...
    - World IPv6 Launch Happens Today
    - IT Teams Struggle to Keep Pace with Malware
    - Lulz Security Hacks CIA, Takes Requests
    - Apple Unveils iCloud
    - Rackspace Introduces Cloud Load Balancers
    - Amazon Offers Cloud Drive, Disses Music Indu...
    - New Android.Pjapps Trojan
    - Copyright Fight over Hurt Locker Downloads I...
    - Data Reveals Many Browsers Remain Unpatched
    - PandaLabs Report - What Happens to Stolen In...
    - Safari Books Online Review
    - Hackers Targeting Human Rights Groups

    Developer Shed Affiliates

     




    © 2003-2017 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap