Direct Admin vulnerable


Verified User
Oct 28, 2006

Recently one of my servers was locked by the datacenter it's in. There isn't any software on it except DirectAdmin on a Debian Linux. The support of that DC then told me they had on the same day the exact same problem with many other servers, but only those that used DirectAdmin for administration.

Now that security hole made my server - as well as those other servers - send DoS attacks to different IPs.

So my question is: Is that loophole known and does there exist a security patch already for it?
Tell us, what have you done to secure your server? Of course DirectAdmin installs third-party packages also; you need to apply updates to them regularly and secure your OS/PHP/Exim etc.

A default OS install with a default DirectAdmin install is not secure.
Not much yet... had that server set up with a few packages like mod_secure as far as I know (while I had it set up)... and had DirectAdmin installed on the server... but the thing I'm referring to is that in the same DC there had been on the same day many servers being attacked/hacked, and all of them ran DirectAdmin, while all other servers hadn't had any problems...

Don't get me wrong, it's not my intention to in any way give negative feedback on DA - I have used it for years for my servers and really like it - I am just trying to find out whether that problem, which is apparently DA-associated, is known and whether it's already fixed.
See the post about the Roundcube exploit and vulnerability.