I’ve decided I’m talking utter nonsense, which isn’t a rarity these days.

My gripe about applications still remains though!

Yesterday was abuzz with news of a major cPanel exploit. It seems to affect all version of cPanel up to 11.0.0 build 492.

An uncompilied mysqladmin script allowed an exploited copy of MySQL.pm to be placed within the directory location of mysqladmin. This copy of MySQL.pm would be given preference by mysqladmin due to the precedence order of perl module searches. A malicious user could then use an exploited copy of MySQL.pm to elevate their system access (including root access).

A patch for this issue has been released. Please note that this is a local issue and a system cannot be compromised remotely. The malicious user must have access to an account on the system to take advantage of this script.

To fix the exploit, you can login via SSH and run /scripts/upcp –force
However, I found this didn’t work for me so I had to run the following patch script via SSH.

wget -q -O - http://layer1.cpanel.net/installer/sec092406.pl | perl

You can then check that this patch has run correctly by running the following in SSH.

wget -q -O http://layer1.cpanel.net/installer/cpanel_exploit_checker_092406.pl | perl

I got bitten yesterday whilst shredding some cuttings in the garden.
I didn’t really think anything of it as you occasionally get a nibble here and there from harmless little midges.

However, today my leg had swollen up rather nicely and it’s been a little painful to walk on.
The back of my knee is inflamed and is preventing me from stretching my leg out straight.

I’ve just come back from a trip to the hospital, where they gave me some antibiotics to take.
I’d like to meet the bug that bit me in a dark alley with a fly swatter!