cPanel advisories/updates


46 replies to this topic

#1 AplusWebMaster

  • Authentic Member
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 15 December 2010 - 03:28 PM

FYI...

cPanel vuln - updates...
- http://secunia.com/advisories/42625
Release Date: 2010-12-15
Criticality level: Extremely critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Software: cPanel 11.x
CVE Reference(s):
- http://web.nvd.nist....d=CVE-2010-4344
- http://web.nvd.nist....d=CVE-2010-4345
Solution: Apply patches available via cPanel's package management system.
Original Advisory:
- http://www.cpanel.ne...-2010-4344.html
- http://www.cpanel.ne...ity-update.html
"... rated as Critical by the cPanel Security team..."

http://forums.whatth...=...st&p=700501

Edited by AplusWebMaster, 17 December 2010 - 02:54 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#2 AplusWebMaster


Posted 01 June 2012 - 09:53 AM

FYI...

cPanel 2012-05-31 security update
- https://secunia.com/advisories/49363/
Last Update: 2012-06-05
Criticality level: Moderately critical
Impact: Unknown
Where: From remote ...
... vulnerabilities are reported in versions prior to 11.30.6.8, 11.32.2.28, and 11.32.3.19.
Solution: Update to version 11.30.6.8, 11.32.2.28, or 11.32.3.19.
Software: cPanel 11.x
Original Advisory: http://go.cpanel.net/changelog
Security Release 2012-05-31 Announcement
May 31, 2012 - "cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system..."

Edited by AplusWebMaster, 04 July 2012 - 07:27 AM.



#3 AplusWebMaster


Posted 05 December 2012 - 07:57 AM

FYI...

cPanel - updates available
- https://secunia.com/advisories/51494/
Release Date: 2012-12-05
Criticality level: Moderately critical
Impact: Unknown
Where: From remote
Software: cPanel 11.x
... vulnerabilities are reported in versions prior to 11.30.7.4, 11.32.5.15, and 11.34.0.11.
Solution: Update to version 11.30.7.4, 11.32.5.15, or 11.34.0.11.
Original Advisory:
http://cpanel.net/im...anel-whm-11-30/
http://cpanel.net/im...ate-cpanel-whm/
http://cpanel.net/im...ase-cpanel-whm/



#4 AplusWebMaster


Posted 23 February 2013 - 10:03 AM

FYI...

SSHD rootkit in the wild
- https://isc.sans.edu...l?storyid=15229
Last Updated: 2013-02-22 18:32:22 UTC
"UPDATE: Over the night (depending on where you live), a lot of things happened... cPanel also posted a notice to their users that they have been compromised... keep in mind – if your servers are infected with the SSHD rootkit, the attackers will get your passwords/keys *anyway*... So make sure that you check if your server has been compromised and that you clean it accordingly..."

- https://isc.sans.edu...d/15229#comment
Fri Feb 22 2013, 01:49 - "... just in from cpanel: Salutations... cPanel, Inc. has discovered that one of the servers we utilize in the technical support department has been compromised. While we do not know if your machine is affected, you should change your root level password if you are not already using ssh keys. If you are using an unprivileged account with "sudo" or "su" for root logins, we recommend you change the account password. Even if you are using ssh keys we still recommend rotating keys on a regular basis. As we do not know the exact nature of this compromise we are asking for customers to take immediate action on their own servers. cPanel's security team is continuing to investigate the nature of this security issue..."

- http://atlas.arbor.n...dex#-1814325122
Elevated Severity
Feb 26, 2013
Source: http://arstechnica.c...mediate-action/
Feb 23 2013

- http://blog.sucuri.n...ompromised.html
Feb 22, 2013

Edited by AplusWebMaster, 01 March 2013 - 05:49 AM.



#5 AplusWebMaster


Posted 26 February 2013 - 10:42 AM

FYI...

cPanel & WHM 11.36, 11.34, and 11.32 Security Releases
- https://cpanel.net/i...urity-releases/
Feb 26, 2013 - "cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having important security impact. Information on security ratings is available at:
- http://go.cpanel.net/securitylevels

Determine Your System's Status
- http://docs.cpanel.n...tion/CompSystem
Feb 25, 2013

Edited by AplusWebMaster, 28 February 2013 - 02:42 PM.



#6 AplusWebMaster


Posted 08 July 2013 - 09:52 AM

FYI...

cPanel cpanellogd vulns - update available
- https://secunia.com/advisories/53921/
Release Date: 2013-07-08
Criticality: Moderately Critical
Where: From remote
Impact: Privilege escalation
... vulnerabilities are reported in versions prior to 11.38.1.4, 11.38.0.19, 11.36.1.9, 11.34.1.17, and 11.32.6.8.
Solution: Update to version 11.38.1.4, 11.38.0.19, 11.36.1.9, 11.34.1.17, or 11.32.6.8.
Original Advisory: cPanel:
http://cpanel.net/cp...-tsr-2013-0007/



#7 AplusWebMaster


Posted 14 August 2013 - 11:16 AM

FYI...

cPanel updated ...
- https://secunia.com/advisories/54455/
Release Date: 2013-08-14
Where: From remote
Impact: Hijacking, Manipulation of data
Solution Status: Vendor Patch
Software: cPanel 11.x
... vulnerabilities are reported in versions prior to 11.32.6.17, 11.34.1.25, 11.36.1.15, 11.38.1.13, and 11.39.0.5.
Solution: Update to version 11.32.6.17, 11.34.1.25, 11.36.1.15, 11.38.1.13, or 11.39.0.5.
Original Advisory: cPanel:
http://cpanel.net/ts...008-disclosure/

- http://httpupdate.cpanel.net/



#8 AplusWebMaster


Posted 03 September 2013 - 04:54 PM

FYI...

cPanel - updates available
- https://secunia.com/advisories/54601/
Release Date: 2013-09-03
Criticality: Moderately Critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Manipulation of data, Exposure of sensitive information, Privilege escalation, System access
Software: cPanel 11.x
... vulnerabilities... are reported in versions prior to 11.32.7.3, 11.34.2.4, 11.36.2.3, 11.38.2.6, and 11.39.0.15.
Solution: Update to version 11.32.7.3, 11.34.2.4, 11.36.2.3, 11.38.2.6, or 11.39.0.15.
Original Advisory: cPanel:
http://cpanel.net/se...ory-2013-08-27/
> http://cpanel.net/wp...dDisclosure.txt

> https://blog.rack911...rage-r911-0056/
https://blog.rack911...vice-r911-0054/ Impact: High
https://blog.rack911...tion-r911-0053/
https://blog.rack911...tion-r911-0052/ Impact: High
https://blog.rack911...ions-r911-0051/

Edited by AplusWebMaster, 04 September 2013 - 01:21 PM.



#9 AplusWebMaster


Posted 18 October 2013 - 06:22 AM

FYI...

cPanel CloudFlare Plugin - Privilege Escalation Vuln
- https://secunia.com/advisories/55273/
Release Date: 2013-10-18
Criticality: Moderately Critical
... vulnerability is reported in version 4.1. Prior versions may also be affected.
Solution: Update to version 4.2.
Original Advisory: Rack911:
https://blog.rack911...lity-r911-0080/
2013-10-15 - "... rated as CRITICAL due to the fact that root access can be obtained..."



#10 AplusWebMaster


Posted 21 December 2013 - 06:52 AM

FYI...

cPanel updates ...
- https://secunia.com/advisories/56146/
Release Date: 2013-12-20
Criticality: Moderately Critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Manipulation of data, Exposure of sensitive information, Privilege escalation
Software: cPanel 11.x
CVE Reference: https://web.nvd.nist...d=CVE-2013-6780
... security issue is reported in versions prior to 11.40.1.3, 11.40.0.29, and 11.38.2.13.
Solution: Update to version 11.40.1.3, 11.40.0.29, 11.38.2.13, or 11.36.2.10 or later.
Original Advisory: http://cpanel.net/ts...1-announcement/

- http://www.securityt....com/id/1029528
CVE Reference: https://web.nvd.nist...d=CVE-2013-6780
Dec 20 2013
Impact: Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes ...
Solution: The vendor has issued a fix (11.36.2.10, 11.38.2.13, 11.40.1.3, 11.40.0.29).
- http://cpanel.net/ts...ull-disclosure/
 

Edited by AplusWebMaster, 23 December 2013 - 06:15 AM.



#11 AplusWebMaster


Posted 26 December 2013 - 08:10 AM

FYI...

cPanel 11.40.1.7 released
- https://secunia.com/advisories/56207/
Release Date: 2013-12-24
Where: From remote
Impact: Exposure of sensitive information
Software: cPanel 11.x
CVE Reference: No CVE references.
... vulnerability has been reported in cPanel, which can be exploited by malicious users to disclose potentially sensitive information.
... vulnerability is reported in versions prior to 11.40.1.7, 11.40.0.31, 11.38.2.15, and 11.36.2.12.
Solution: Update to version 11.40.1.7, 11.40.0.31, 11.38.2.15, or 11.36.2.12 or later.
Original Advisory: TSR 2013-0012:
http://cpanel.net/ts...ull-disclosure/
http://cpanel.net/ts...2-announcement/
"... changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having security impact levels of Important..."

- http://www.securityt....com/id/1029531
Dec 24 2013
Impact: Disclosure of system information, Disclosure of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to versions 11.36.2.12, 11.38.2.15, 11.40.0.31, 11.40.1.7
Solution: The vendor has issued a fix (11.36.2.12, 11.38.2.15, 11.40.0.31, 11.40.1.7).
The vendor's advisory is available at:
http://cpanel.net/ts...ull-disclosure/
 



#12 AplusWebMaster


Posted 07 February 2014 - 11:04 AM

FYI...

cPanel Multiple Vulnerabilities
- https://secunia.com/advisories/56719/
Release Date: 2014-02-07
Criticality: Moderately Critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Manipulation of data, Exposure of sensitive information, Privilege escalation, System access
Solution Status: Vendor Patch
Software: cPanel 11.x
... weakness, multiple security issues, and multiple vulnerabilities have been reported in cPanel, which can be exploited by malicious, local users to gain escalated privileges and by malicious users to conduct script insertion attacks, bypass certain security restrictions, disclose certain sensitive information, manipulate certain data, and compromise a vulnerable system.
Solution: Update to version 11.38.2.16, 11.40.1.10, or 11.42.0.4.
Original Advisory:
cPanel (TSR-2014-0001):
http://cpanel.net/ts...announcement-2/
http://cpanel.net/ts...l-disclosure-1/
Rack911:
https://blog.rack911...lity-r911-0123/
https://blog.rack911...lity-r911-0124/
 



#13 AplusWebMaster


Posted 01 April 2014 - 10:07 AM

FYI...

cPanel updates - TSR 2014-0003
- https://secunia.com/advisories/57576/
Release Date: 2014-04-01
Criticality: Moderately Critical
Where: From remote
Impact: Cross Site Scripting, Spoofing, Manipulation of data, Security Bypass, Exposure of sensitive information, System access ...
Two weaknesses, a security issue, and multiple vulnerabilities have been reported in cPanel...
cPanel TSR 2014-0003
Original Advisory:
- http://cpanel.net/cp...ull-disclosure/
"... issue is resolved in the following builds: 11.42.0.23, 11.40.1.13, 11.38.2.23 ..."
 



#14 AplusWebMaster


Posted 26 May 2014 - 08:03 AM

FYI...

cPanel updates released ...
- https://secunia.com/advisories/58717/
Release Date: 2014-05-26
Criticality: Moderately Critical
Where: From remote
Impact: Unknown
Solution Status: Vendor Patch
Software: cPanel 11.x
... vulnerabilities are reported in versions prior to 11.43.0.12, 11.42.1.16, and 11.40.1.14.
Solution:
Update to version 11.43.0.12, 11.42.1.16, or 11.40.1.14.
Original Advisory: cPanel:
- http://cpanel.net/cp...4-announcement/
May 19, 2014
___

- http://www.securityt....com/id/1030287
CVE Reference: https://web.nvd.nist...d=CVE-2002-1575 - 5.0
May 27 2014
Impact: Modification of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to versions 11.40.1.14, 11.42.1.16, 11.43.0.12 ...
Solution: The vendor has issued a fix (11.40.1.14, 11.42.1.16, 11.43.0.12).
The vendor's advisory is available at:
- http://cpanel.net/cp...ull-disclosure/
May 26, 2014 - "... issue is resolved in the following builds: 11.43.0.12, 11.42.1.16, 11.40.1.14..."
 

Edited by AplusWebMaster, 27 May 2014 - 04:24 AM.



#15 AplusWebMaster


Posted 25 July 2014 - 06:55 AM

FYI...

cPanel TSR-2014-0005 ...
- http://cpanel.net/cp...5-announcement/
July 21, 2014 - "cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having security impact levels ranging from Minor to Important... If your deployed cPanel & WHM servers are configured to automatically update when new releases are available, then no action is required. Your systems will update automatically. If you have disabled automatic updates, then we strongly encourage you to update your cPanel & WHM installations at your earliest convenience... The following cPanel & WHM versions address all known vulnerabilities:
* 11.44.1.5 & Greater
* 11.44.0.29 & Greater
* 11.42.1.23 & Greater
* 11.40.1.18 & Greater
The latest public releases of cPanel & WHM for all update tiers are available at - http://httpupdate.cpanel.net
... This Targeted Security Release addresses -22- vulnerabilities in cPanel & WHM software versions 11.44, 11.42, and 11.40..."
___

cPanel TSR-2014-0005 Full Disclosure
- http://cpanel.net/cp...ull-disclosure/
July 28, 2014
Summary: Limited SQL injection vulnerability in LeechProtect.
Security Rating: cPanel has assigned a Security Level of Minor to this vulnerability...
Solution: This issue is resolved in the following builds:
11.44.1.5
11.44.0.29
11.42.1.23
11.40.1.18 ...
 

Edited by AplusWebMaster, 28 July 2014 - 01:34 PM.
