In association with heise online

25 September 2006, 12:34

Massive hacks through holes in cPanel hosting management

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Hackers have exploited a previously unknown security hole in the cPanel hosting configuration software to manipulate stored customer pages on the website host HostGator. Based on reports from the service provider and internet statistics firm Netcraft, attackers achieved root access through the hole, and then went on to integrate numerous IFrames websites that reroute visitors to infected external websites. Internet Explorer users who have not yet patched the VML hole are then subjected to malicious code smuggled onto their machines. To its credit, HostGator noticed the manipulation quickly and reported the problem to its customers this past Saturday. How many users were infected by the pests is not clear.

cPanel's makers have since released a Perl script that closes the hole. The roots of the problem remain unclear, since no official error report has been released. In the forum at the manufacturer's website, users are already discussing potential remedies. All current and older cPanel versions; Stable, Release, Current and Edge, are affected. The root hole can only be exploited if the attacker possesses a customer's local cPanel account. Other web hosting companies are apparently similarly threatened.

Internet Explorer users can protect themselves against attacks on the VML hole by deactivating the vgx.dll library. Microsoft has released an error report to explain how to do so. Independent security specialists have also developed and released a temporary patch for the VML hole in Internet Explorer. Microsoft, for its part, recommends against the installation of unofficial patches. Users must weigh whether they trust third-part makers and their tests, in terms of functionality, against preventing the hole from remaining open until the next Patch Tuesday. The Redmond company has officially indicated that the update will be released on October 10. Microsoft say that "depending on customer needs" an earlier release may be possible, without any indication of their criteria for this to happen.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit