Security - cPanel zero day

[nathany]

Just posting in case any cPanel users here, apparently a zero day:

Critical cPanel, WHM flaw probs exploited as 0-day, pros say

: Emergency patches out now for those managing the millions of domains assumed to be affected

www.theregister.com

(Mods - remove if I should not have posted)

 

[Richard G]

And they are already heavily abused, there is a scan script and update solution for this part.
I don't know if that also covers the copy_fail issue on CP.

 

[Can]

Hopefully we won’t see a similar 0-day on the DirectAdmin side. The cPanel issue looks quite serious and seems to be getting exploited quickly. Regardless of the control panel, the underlying infrastructure (especially the Linux kernel and related services) is always a risk point. Keeping everything up to date and applying additional security measures seems essential.

 

[sparek]

Hopefully we won’t see a similar 0-day on the DirectAdmin side. The cPanel issue looks quite serious and seems to be getting exploited quickly. Regardless of the control panel, the underlying infrastructure (especially the Linux kernel and related services) is always a risk point. Keeping everything up to date and applying additional security measures seems essential.

Indeed, this is why you almost always follow the principle of "keep everything up to date." Doesn't mean you won't be affected by 0-day exploits, but you've done the best you can to guard against an exploit that may or may not have been disclosed.

A new kernel comes out? Update and reboot. That's the best philosophy. And before someone says Kernelcare, I'm not sure that I fully trust Kernelcare to patch everything. Some things in the kernel just have to be patched up with a new kernel. And with SSD/NVMe drives and kexec these days, a reboot costs you 30 seconds.