doesn't look so scary (Score:5, Insightful)
Only cPanel Apaches vulnerable, and modified httpd easily found by grep'ing a string?
*yawn*
Re: (Score:5, Insightful)
It's a cPanel vulnerability; Apache is merely modified by the payload to help it spread. Seriously, giving a web server process root -- what the hell are those guys thinking?
Re:doesn't look so scary (Score:3)
I worked at an ISP using cPanel for a couple hundred shared servers... Let me just say that cPanel is the biggest hunk of crap out there. It is poorly written with no attention paid to security. It is squarely aimed at end-users who have no clue about system administration and has a penchant for letting those same people shoot themselves in the foot as often as possible. cPanel, for instance, lets you format/partition hard drives via the GUI without much in the way of instructions or warnings regarding the potential consequences of this action. We had many calls from people who claimed to have done nothing to their servers, but it turned out that they were trying to free up space and formatted /var or /. We often joked that we should create a page in the GUI with a big red button that says "Do NOT push" that would add an iptables rule to drop all connections from that IP and wait for the hilarity to commence.
Re: (Score:2)
It's just too bad that it doesn't fire an actual bullet into their foot or at least zap 'em good when they screw up. Might help educate some of those damn PEBKAC issues.