Security - cPanel zero day

[nathany]

Just posting in case any cPanel users here, apparently a zero day:

Critical cPanel, WHM flaw probs exploited as 0-day, pros say

: Emergency patches out now for those managing the millions of domains assumed to be affected

www.theregister.com

(Mods - remove if I should not have posted)

 

[Richard G]

And they are already heavily abused, there is a scan script and update solution for this part.
I don't know if that also covers the copy_fail issue on CP.

 

[Can]

Hopefully we won’t see a similar 0-day on the DirectAdmin side. The cPanel issue looks quite serious and seems to be getting exploited quickly. Regardless of the control panel, the underlying infrastructure (especially the Linux kernel and related services) is always a risk point. Keeping everything up to date and applying additional security measures seems essential.