CPanel Vulnerability Wreaks Havoc with Sites on HostGator

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Netcraft reports that very many sites hosted on Hostgator were redirected to web
containing the current Microsoft VML exploit.

The article is at
(watch the wrap )

It does not specify the vulnerability in CPanel, because it is a new flaw
("0-day") not
known to the public (not the Cross Site Scripting problem CPanel fixed in
August). The
vulnerability  needs local access, which limits its use. A compromised customer
with access
to CPanel or a way into the server is required to execute the exploit.

Notwithstanding, HostGator will probably not end up as the only one affected by
the flaw.

CPanel has made a patch which can be obtained automagically by performing
/scripts/upcp in
your installation. If you administer a server farm and you have more than a few
using CPanel then have your weekend admin install the patch.

Site Timeline