Mar 15, 2004 : Flaw Found in cPanel's WebHost Manager


📅 - According to an advisory posted in SecurityFocus, a vulnerability has been discovered in cPanel's (http://www.cpanel.net) WebHost Manager reseller control panel that may be exploited by malicious users, allowing them to run some commands as the root (superuser).

The advistory said the vulnerability affects a function in WebHost Manager that allows resellers to send lost and forgotten passwords by email. The setting is found in the "Tweak Settings Section." According to the advisory, "This hole is built in to all compiled cPanel binaries and as such cannot be 'patched.' Security Focus recommends that users disable the feature.
The cPanel solution is deployed on approximately 1.4 million hostnames worldwide and is popular with large Web hosting companies running dedicated servers. According to the advisory, the flaw affects all versions up to 9.1.0 build 34 with all later versions having been repaired.
CPanel is developed by Scranton, Pennsylvania-based DarkOrb Communications.

Reads: 1541 | Category: General | Source: TheWHIR : Web Host Industry Reviews

Want to add a website news or press release ? Just do it, it's free! Use add web hosting news!

Other news


data393.com📅 - Data393 Deploys Plesk 7 Software - Colorado-based colocation and managed Web hosting services company Data393 (data393.com 👉 Total Reviews: 2
🙌 Average Rating: 5 / 10
👍 Good Reviews: 1
👎 Bad Reviews: 1
👈 Official Responses: 0
) announced today that it will use Plesk 7 from SWsoft (http://www.sw-soft.com) as its standard control panel for new dedicated server, shared and bulk reseller server customers. SWsoft says Data393 selected the Plesk 7 platform for its stability, features and management tools. "Plesk 7 is an outstanding, world-class product that meets our need to support both Linux and Windows from a single control panel," said Data393 vice president of operations Paul Beckelheimer. "At the same time, our customers gain the benefit of more stable and robust functionality than they've received previously," ...
📅 - Dell Deploys Vmware Software in Servers - Dell (http://www.dell.com) has entered into an agreement to use Vmware's (http://www.vmware.com) virtualization software in new configurations of its two and four-processor servers, according to reports. Pete Morowski, vice president of software development for the Dell Product Group, said in a conference call earlier this week that new configurations of the Dell PowerEdge server and Dell/EMC Storage servers will deploy the virtualization technology. Virtualization software allows a single physical server to be partitioned into multiple "virtual" servers that behave like standalone systems. Morowski said Dell PowerEdge 6650 servers will run VMware ESX Server 2.0.1, VirtualCenter and ...
📅 - Digital River to Host Appligent Site - E-commerce outsourcing provider Digital River (http://www.digitalriver.com) announced earlier this week that it has signed Appligent, a developer of PDF-related software applications, as a customer. Through the deal, Digital River built and launched an e-commerce site to support the online sales and marketing of Appligent's product line. In addition to hosting the site, Digital River is providing order management, digital fulfillment and fraud prevention. "We are pleased to add Appligent to our growing list of software clients," says Dave Alampi, vice president of marketing for Digital River. "We continue to see a growing opportunity in the software and computer ...
📅 - BT to Host Interflora's Order Processing - British Telecom (http://www.bt.com) announced on Tuesday that it will host the servers, operating system, network hardware and firewalls that support the central order processing and commercial business system of flower delivery network Interflora. BT is also providing 24-hour software and hardware maintenance and support. Exact financial details were not disclosed, but BT said the deal was worth seven figures. Interflora's outsourcing of its order processing systems to BT is part of an IT upgrade designed to retain and support its growing market share. "Over the past few years, competition in the flower relay space has increased dramatically with high street retailers ...
📅 - Hosting Controller Unveils New Tutorials - Advanced Communications (http://www.advcomm.net), a developer of Windows hosting automation software, has introduced a second series of voice-enabled flash tutorials for Hosting Controller, its flagship Web hosting control panel. The second series of tutorials follow the original series of 29 tutorials released last month. The first series covered the Web Admin operations of Hosting Controller while the new series covers the Host and Reseller Admin operations. The company said the tutorials have become very popular and received widespread positive feedback. "Customers don't like to read help manuals or Knowledgebase. They always find it boring and prefer to call you ...
equinix.com logo📅 - Equinix Expands Mirror Image Network - Mirror Image Internet (http://www.mirror-image.com) has selected Equinix Inc. (equinix.com), a provider of network- neutral data centers and Internet exchange services, to expand its global Content Access Point network to accommodate new customers for its Web computing solutions. Mirror Image, an adaptive network for online content, application and transaction delivery, selected Equinix's Silicon Valley, New York and Washington, DC area Internet Business Exchange centers for the expansion. "The future of the Internet lies in the power of the central locations or 'hubs,' from companies like Mirror Image and Equinix, that offer the capacity needed to deliver complex content," ...