eSiK
Verified User
Very important: there is a security exploit in DirectAdmin code! Very dangerous! Please contact me - I am waiting online!
Last edited:
Two days ago I updated to version 1.294 and today all sites hacked. It seems someone logged in as admin to DirectAdmin panel. Password was very strong and I suspected a security hole and found this thread is newly opened. Please someone from DA check it. I stopped Directadmin service at all servers and looked for a version update from DA but it seems there is no update.
You don't need to visit/read the forums to know that DA have released an update.
http://DOMAIN:2222/CMD_LICENSE
http://directadmin.com/ - homepage
http://www.directadmin.com/versions.php
The DA mailing List.
The update to this vulnerability has been out for around a month or something.
I never said you did need to visit the forums did I? Read again, i said it would be nice if they submitted a Vuln report to all clients, LIKE EVERYONE ELSE DOES when one is discovered.
When you said how should they know if they don't visit the forums, it implied that you can only find it on the forums and no where else.I think DA should be emailing every client they have about these types of issues from the forum if nothing else to warning all to upgrade if thats what is required as many people dont visit the forums on a daily basis, how should they know?
Actually, you kind of did here:
When you said how should they know if they don't visit the forums, it implied that you can only find it on the forums and no where else.