Webhost hit by cPanel exploit

[pedantic]

I thought the latest patch from MS has sorted that out.

http://secunia.com/advisories/21989/

[Druchii]

Quote:

Originally Posted by pedantic

I thought the latest patch from MS has sorted that out.

http://secunia.com/advisories/21989/

It did, i'm thinking that was before the patch was released 2 days ago was it?

[Halcyon]

Quote:

Originally Posted by bopdude

But why then would my AV flash up that warning ???

My Nod32 came up with the same thing too.
Anyone know if we are at risk or why it came up ?

[pedantic]

Quote:

Originally Posted by Druchii

It did, i'm thinking that was before the patch was released 2 days ago was it?

Dunno lol

I just used the link supplied by KP and got this.....

Quote:

VML test case, CVE-2006-4868

This is a test page to determine whether your browser is vulnerable to the VML vulnerability specified in CVE-2006-4868.

Since your browser is not Internet Explorer 5 or higher it does not support the vulnerable VML module, and you are therefor not vulnerable.

If you would like to know more about the Zeroday Emergency Response Team, please visit http://isotf.org/zert/

Which does point to that exploit in my previous post. No big deal though.

Quote:

Originally Posted by KingPhoenix

How do i know if i have been affected? : Apparently this site should crash if you are affected http://www.isotf.org/zert/testvml.htm

That site tests if your IE is vulnerable to the VML security hole.

Mine was, so I installed the MS patch available here ;

http://www.microsoft.com/technet/sec.../MS06-055.mspx

Now IE passes the test ok.

[Halcyon]

So is that why Nod32 thinks it is a virus then when I click on that link ?
I never use IE, just Firefox.

[Graham M]

Quote:

Originally Posted by Paul

KP said in his post that I-web have patched their servers already so a patch must be out there for the problem.

OK well I'll run a CPanel update and see what happens.

---------- Post added at 20:01 ---------- Previous post was at 20:00 ----------

Yeah there was a news item at the top of my WHM Admin Page telling me there was an update to fix the vulnerability. Running the update now

[Paul K]

Quote:

Originally Posted by Zeph

OK well I'll run a CPanel update and see what happens.

---------- Post added at 20:01 ---------- Previous post was at 20:00 ----------

Yeah there was a news item at the top of my WHM Admin Page telling me there was an update to fix the vulnerability. Running the update now

Cool. Thought you may have missed KPs post

[marky]

Quote:

Originally Posted by Paul M

That site tests if your IE is vulnerable to the VML security hole.

Mine was, so I installed the MS patch available here ;

http://www.microsoft.com/technet/sec.../MS06-055.mspx

Now IE passes the test ok.

All fixed, i feel better now

[Gareth]

What, that site is knowingly hosting a trojan and asking people to click the link?!? How irresponsible of them.

[Druchii]

Quote:

Originally Posted by Gareth

What, that site is knowingly hosting a trojan and asking people to click the link?!? How irresponsible of them.

No, they are knowingly osting the exploit, then seeing if you're immune to it or not. No malicious code. Just the exploit. If you get my drift.

[SnoopZ]

My IE crashed when i went to http://www.isotf.org/zert/testvml.htm. Installing all the patches from MS update sorted that though. Glad i only use Opera to log into sites!