08 Oct
Steal my ID 0
, , , , ,

I laugh at emails like this.

Ticket Number: 5647600545188
Ref: UK/9420X2/68, Batch: 074/05/ZY369
Attention: Lucky Winner,
We are happy to announce that you are one of our Lucky Four(4)
Star Prize Winner in this months edition of the UK National Lottery
held on 29th of September 2007 in England.
This makes you a proud Winner of 850,000 Great British Pounds.
To claim your prize Contact the claim office with the underlisted
informations as soon as possible:
Name,Address,Country,Age,Sex,Occupation,Phone, Fax.
Best Regards,
Carlton Adams

Nice one Carlton Adams, but I don’t believe your 850,000 Great British pounds are real.
Your “claim office”, a hotmail email address, is hardly convincing either.

03 Mar
WordPress Upgrade 0
, , , ,

Just a heads up to anyone else who runs WordPress, there’s a new release 2.1.2 available.
Some versions of 2.1.1 may have been exploited by a cracker to allow remote execution of code. Upgrading is advised as a preventative measure.

25 Sep
Major cPanel Exploit 0
, , , , , ,

Yesterday was abuzz with news of a major cPanel exploit. It seems to affect all version of cPanel up to 11.0.0 build 492.

An uncompilied mysqladmin script allowed an exploited copy of MySQL.pm to be placed within the directory location of mysqladmin. This copy of MySQL.pm would be given preference by mysqladmin due to the precedence order of perl module searches. A malicious user could then use an exploited copy of MySQL.pm to elevate their system access (including root access).

A patch for this issue has been released. Please note that this is a local issue and a system cannot be compromised remotely. The malicious user must have access to an account on the system to take advantage of this script.

To fix the exploit, you can login via SSH and run /scripts/upcp –force
However, I found this didn’t work for me so I had to run the following patch script via SSH.

wget -q -O - http://layer1.cpanel.net/installer/sec092406.pl | perl

You can then check that this patch has run correctly by running the following in SSH.

wget -q -O http://layer1.cpanel.net/installer/cpanel_exploit_checker_092406.pl | perl
lotsa emails this way!