Buy
Schedule a Demo
Blog
Community Stats
1 day 7 days 30 days Max. View More
Top Posters
    There is no record available at this moment
Most Active Threads
    There is no record available at this moment
Top Rated Posts
    There is no record available at this moment
2008/04/01 09:29:36
plateaultd

Multiple Remote Vulnerabilities

When will these be fixed. We had servers hacked last year and you said there were no problems in HC and asked us to show you proof. Well here is proof.

http://www.securityfocus.com/bid/26862/info

Hosting Controller is prone to 14 remote vulnerabilities, including seven unauthorized-access issues, four SQL-injection issues, two information-disclosure issues, and one HTML-injection issue.

An attacker can exploit these issues to compromise the affected application, execute arbitrary code within the context of the webserver process, steal cookie-based authentication credentials, access or modify data, exploit latent vulnerabilities in the underlying database, obtain sensitive information, and gain unauthorized access to the affected application.

1- [Remote Attacker] can login to hosting controller Panel. He can also change all others' passwords.

2- [User] can copy a file to hosting controller web directory which is executed under administrative privilege, so attacker can execute his commands by administrative privilege. e.g. an attacker can gain remote desktop of server using this bug and uploading an ASP file!

3- [Remote Attacker] can make a new user.

4- [Remote Attacker] can change all user's profiles.

5- [User] can see all the database information by a SQL injection.

6- [User] can change his credit amount or increase his discount.

7- [User] can uninstall other's FrontPage extensions.

8- [User] can delete all of gateway information.

9- [User] can enable or disable pay type.

10- [[User] can see all usernames in the server by "fp2000/NEWSRVR.asp".

11- [User] can find Hosting Controller setup directory.

12- [User] can import unwanted plan or change the plans.

13- [Remote Attacker] can find web site path.

14- [Remote Attacker] can enable or disable all Hosting Controller forums by SQL Injection.

15- [User] can change other's host headers.

[Remote attacker] = (Unauthorized user without any permission or access.)
40 comments Leave a comment
kieranmullen
Event he goverment is involved!
http://forum.hostingcontroller.com/topic.asp?TOPIC_ID=4756

KieranMullen
2008/04/01 12:42:41
ts
Its unacceptable that we still don’t have an update for this.
2008/07/01 09:44:15
mermer
when? we're waiting... why are u waiting please fix it!
2008/08/01 00:27:19
kieranmullen
I guess you dont want to say to much about it or they will lock your thread http://forum.hostingcontroller.com/topic.asp?TOPIC_ID=4756

KieranMullen
2008/09/01 09:24:34
plateaultd
This link gives a list of insecure files:
http://www.securityfocus.com/archive/1/485028

I used that as a starting point in looking at log files on a server that was recently hacked via hosting controller. I found the hacker was using at least the following files (via POST) in his hack:

Change Skin - This may be what made CP inaccessible to customers on one server:
/AdminSettings/displays.asp

Possibly add user to SERV_U:
/serv_u/servu3edit_account.asp

Upload "hacked" files:
/folders/editoractions.asp

----------------
Temporary security fix...
I created a script to temporary rename all the files & folders in just the admin directory. I also created a default.htm saying the control panel is temporarily disabled. If I need to do something on the server I run another script to rename the files back. Then rename them again when I am done.



2008/09/01 14:06:58
plateaultd
In case anyone is interested, here is another hackers paradise in HC that was reported in July and NEVER FIXED!!!

http://forum.hostingcontroller.com/topic.asp?TOPIC_ID=4650

Looks like this may be a repeat problem from 3/2007.


2008/10/01 01:05:24
HC Team
Developers are already working on hotfix and hopefully it will be released soon.

________________________
HC Support Team
support@hostingcontroller.com
http://hostingcontroller.com
+1-213-341-1419
2008/11/01 08:28:35
plateaultd
I hope they will also be updating the version of phpBB (and any other free software), as the phpBB currently in HC 6.1 is way out of date.

Or is there a technote on how we can update it ourselves so new installs get the current stuff?

2008/01/13 14:48:18
mermer
why are u waiting for 25 days? is it very difficult?
2008/01/17 08:53:05
nextmill
Server hacked 2 days ago, changed the HCADMIN password and then logged in and changed the default page for every website to say HACKED!


2008-01-19 10:25:58 GET /skins/PanelXP/Blue/HCStyles.css - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/ 200 7236 579
2008-01-19 10:25:59 GET /skins/PanelXP/Blue/images/_loginBottom.jpg - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/ 200 1267 591
2008-01-19 10:25:59 GET /skins/PanelXP/Blue/images/login.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/ 200 1123 584
2008-01-19 10:25:59 GET /skins/PanelXP/Blue/images/spacerLight.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/ 200 291 590
2008-01-19 10:25:59 GET /skins/PanelXP/Blue/images/XPButnBGLeft.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/ 200 419 591
2008-01-19 10:25:59 GET /skins/PanelXP/Blue/images/XPButnBGRight.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/ 200 428 592
2008-01-19 10:25:59 GET /skins/PanelXP/Blue/images/_loginTop.jpg - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/ 200 1356 588
2008-01-19 10:26:00 GET /skins/PanelXP/Blue/images/_login.jpg - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/ 200 781 585
2008-01-19 10:26:00 GET /favicon.ico - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO - 404 0 516
2008-01-19 10:26:00 GET /skins/PanelXP/Blue/images/XPButnBG.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/skins/PanelXP/Blue/HCStyles.css 200 404 618
2008-01-19 10:26:03 GET /favicon.ico - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO - 404 0 516
2008-01-19 10:27:36 GET /hosting/addreseller.asp reseller=hcadmin - 89.165.62.232 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2) - - 302 540 265
2008-01-19 10:27:36 GET /hosting/addreseller.asp reseller=hcadmin - 89.165.62.232 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2) - - 302 0 257
2008-01-19 10:27:38 GET /accounts/accountactions.asp ActionType=AddUser&hostingplantype=&auto=1 - 89.165.62.232 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2) ASPSESSIONIDASQSAQBR=JFFJBIOAJOEOBDGBKACDJLNK;+path=/ - 302 543 348
2008-01-19 10:27:39 GET /common/InvalidAttempt.asp msgaction=del&user= - 89.165.62.232 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2) ASPSESSIONIDASQSAQBR=JFFJBIOAJOEOBDGBKACDJLNK - 200 256 315
2008-01-19 10:27:40 POST /AdminSettings/displays.asp DecideAction=1&ChangeSkin=1 - 89.165.62.232 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2) ASPSESSIONIDASQSAQBR=JFFJBIOAJOEOBDGBKACDJLNK - 200 0 402
2008-01-19 10:27:42 GET /Main.asp TemplateSkin=PanelXP%2FBlue - 89.165.62.232 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2) ASPSESSIONIDASQSAQBR=JFFJBIOAJOEOBDGBKACDJLNK;Language=English;+expires=Wed,+01-Jan-2020+08:00:00+GMT;+path=/ - 200 1357 370
2008-01-19 10:27:45 POST /Accounts/AccountActions.asp ActionType=UpdateUser - 89.165.62.232 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2) ASPSESSIONIDASQSAQBR=JFFJBIOAJOEOBDGBKACDJLNK;Language=English;+expires=Wed,+01-Jan-2020+08:00:00+GMT;SkinID=Blue;+expires=Wed,+01-Jan-2020+08:00:00+GMT;+path=/ - 302 511 618
2008-01-19 10:28:04 POST /Check_Password.asp - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/ 302 433 770
2008-01-19 10:28:04 GET /main.asp - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/ 200 1367 637
2008-01-19 10:28:05 GET /Header.asp - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/main.asp 200 2304 647
2008-01-19 10:28:07 GET /menu.asp - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/main.asp 200 14350 645
2008-01-19 10:28:08 GET /Header.asp - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/Header.asp 200 2304 553
2008-01-19 10:28:08 GET /Contents.asp - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/main.asp 200 12398 649
2008-01-19 10:28:08 GET /Skins/PanelXP/jsscripts/AnimTree.js - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 564 576
2008-01-19 10:28:08 GET /space.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/Contents.asp 404 0 570
2008-01-19 10:28:08 GET /skins/PanelXP/Blue/images/TopImage.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/Contents.asp 200 1086 599
2008-01-19 10:28:10 GET /skins/PanelXP/Blue/images/bgDotted.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/Contents.asp 200 297 599
2008-01-19 10:28:10 GET /skins/PanelXP/Blue/hcMenuStyles.css - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 1974 591
2008-01-19 10:28:10 GET /skins/PanelXP/Blue/images/infinity.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/Contents.asp 200 457 599
2008-01-19 10:28:10 GET /skins/PanelXP/Blue/images/spacer.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/Header.asp 200 291 595
2008-01-19 10:28:10 GET /skins/PanelXP/Blue/images/angle.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/Header.asp 200 345 594
2008-01-19 10:28:11 GET /skins/PanelXP/Blue/images/angle2.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/Header.asp 200 344 595
2008-01-19 10:28:11 GET /skins/PanelXP/Blue/images/profile.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/Contents.asp 200 953 598
2008-01-19 10:28:11 GET /skins/PanelXP/Blue/images/display_settings.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/Contents.asp 200 425 607
2008-01-19 10:28:11 GET /skins/PanelXP/Blue/images/change_pasword.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/Contents.asp 200 1406 605
2008-01-19 10:28:12 GET /skins/PanelXP/Blue/images/Tutorial2.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/Contents.asp 200 1451 600
2008-01-19 10:28:12 GET /skins/PanelXP/Blue/images/info.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/Contents.asp 200 862 595
2008-01-19 10:28:12 GET /spacer.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 404 0 567
2008-01-19 10:28:12 GET /skins/PanelXP/Blue/images/topleft.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 303 595
2008-01-19 10:28:13 GET /skins/PanelXP/Blue/images/topright.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 313 596
2008-01-19 10:28:13 GET /skins/PanelXP/Blue/images/TopMenuClosed.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 1409 601
2008-01-19 10:28:13 GET /skins/PanelXP/Blue/images/1x1.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 290 591
2008-01-19 10:28:14 GET /skins/PanelXP/Blue/images/MenuUserManager.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 1308 603
2008-01-19 10:28:14 GET /IconsMain.asp Head=Tools - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 4892 661
2008-01-19 10:28:14 GET /skins/PanelXP/Blue/images/MenuDomains.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 1328 599
2008-01-19 10:28:14 GET /skins/PanelXP/Blue/images/MenuHostingPlans.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 1299 604
2008-01-19 10:28:14 GET /skins/PanelXP/Blue/images/MenuBilling.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 1301 599
2008-01-19 10:28:15 GET /skins/PanelXP/Blue/images/MenuReports.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 1323 599
2008-01-19 10:28:15 GET /skins/PanelXP/Blue/images/MenuTools.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 1302 597
2008-01-19 10:28:15 GET /skins/PanelXP/Blue/images/MenuServer.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 1273 598
2008-01-19 10:28:15 GET /skins/PanelXP/Blue/images/MenuMigeration.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 1266 602
2008-01-19 10:28:16 GET /skins/PanelXP/Blue/images/MenuTT.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 1257 594
2008-01-19 10:28:16 GET /skins/PanelXP/Blue/images/MenuAskHC.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 1281 597
2008-01-19 10:28:17 GET /folders/filemanager.asp - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/IconsMain.asp?Head=Tools 200 19627 676
2008-01-19 10:28:17 GET /skins/PixelOne/Red/images/spacer.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 291 593
2008-01-19 10:28:17 GET /skins/PixelOne/Red/images/ASKHC.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 686 592
2008-01-19 10:28:18 GET /skins/PanelXP/Blue/images/lightning-Header.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/skins/PanelXP/Blue/HCStyles.css 200 21904 626
2008-01-19 10:28:18 GET /folders/filemanager.asp - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/folders/filemanager.asp 200 19627 579



2008/01/20 09:25:30
mermer
you're great hc! why are u waiting please write???
2008/01/22 14:35:50
ITGuard
I upgrade to HC7 and all of my problem solved. Promotion is good thing! and HC7 is more stable and secure than HC6. I like its UI compatibility with Mozilla too.
I think all of you must "Upgrade to HC7" [8)]
2008/01/24 13:07:46
plateaultd
I have tried to upgrade just 1 of my servers and it fails on just my reseller account. I have been waiting on Hosting Controller to determine why for over a week.
quote:
Originally posted by ITGuard
[br]I upgrade to HC7 and all of my problem solved. Promotion is good thing! and HC7 is more stable and secure than HC6. I like its UI compatibility with Mozilla too.
I think all of you must "Upgrade to HC7" [8)]


2008/01/24 14:55:47
nextmill
Create a robots.txt asap in your admin folder that the HC site runs from, make it say

# go away
User-agent: *
Disallow: /


There is no reason for the search engines to index the control panel!! This will prevent your panel from being index and reduce the possibility that the hackers will find your vulnerable HC6 panel to hack!

Yes we need a fix since many of us fail to get HC7 to properly upgrade HC6.

2008/01/26 13:03:20
nextmill
I reported THIS VULNERABILITY on 7.27.2007, its now been 6 months later and still no fix!!

Original Thread : http://forum.hostingcontroller.com/topic.asp?TOPIC_ID=4650
Thread Date : 7.27.2007

This was also reported thru the ticket system at support.hostingcontroller.com, unfortunately it was blown off.

6 months HC??? How much more time do you need to fix a security bug?


2008/01/26 13:33:38
kieranmullen
Change HC defualt port. Change default alias for control panel on sites.


KieranMullen
2008/01/26 15:24:15
gothamweb
HC. When can we expect some security fixes?

Sal
2008/01/26 17:23:52
gothamweb
Hello HC.

your response is needed. When will you provide security fixes for HC 6.x or should we just abandon our licenses. If you check your database we own 40 HC licenses.

Now if you want us to take our business to your competitors all you have to do is say so. At this point we are very disappointed in the manner you have addressed security,

And please do not tell me to upgrade to 7.0 - we would happily upgrade except that with HC 7 you dont support a truly distributed environemnt for larger ISP's

Now please tell me when you plan to address the security fixes for 6.0.

Sal
2008/01/28 09:07:12
ts
quote:
Originally posted by gothamweb
[br]Hello HC.

your response is needed. When will you provide security fixes for HC 6.x or should we just abandon our licenses. If you check your database we own 40 HC licenses.



I hear ya, we had a few like you but are down to just a small handful, rest were moved to dotnetpanel.

I agree about your issues with HC 7 and the same reason we never upgraded and moved to dotnetpanel. We even asked HC for help in moving to HC 7 but wanted to charge us some crazy amount to migrate to HC 7. Is it posible that HC is not fixing these issues to try and force customers pay and upgrade or lose there data or customers information.

Happy to say the dotnetpanel was the best solution we could find to upgrading our servers and the support team at DNP was happy to help us with our issues.

I wish you the best of luck to you, I know what you are going through and be happy to talk with you more offline, feel free to contact me anytime.

Best Of Luck,

Ps. HC please stop the madness and help your customers!
2008/01/29 13:07:22
plateaultd
Interesting, I have just looked at dotnetpanel and will be installing their trial version on a server to see how it works. So far we have been unable to upgrade any servers from 6.1 to HC 7 without HC's intervention. Almost all of the applications included in their "Click and Install" applications pack have security holes and HC says "this is not their problem." I guess the thing that is getting to me the most is HC's attitude regarding these issues and their being part of the problem by not moving to fix security issues when they were 1st notified of them 6 months ago.
quote:

I hear ya, we had a few like you but are down to just a small handful, rest were moved to dotnetpanel.



2008/01/29 14:10:39
gothamweb
Well, we have yet to hear back from HC about the security issues. I am starting to think that they dont understand the severity of the security issue.

In the USA we have a thing called law suits ... and our company doesnt want to be involved on one if a customer is affected.

All new dedicated and colo customers at our company are going on sd now. And we are seriously thinking of moving all our shared to sd too. Looks like HC cant handle security issues and thats a big NO NO in our industry.

We will wait till end of the week, they know how to contact us. They know our email and phone if they want to retain our business but maybe 40 licenses are too little for HC to worry about :)

Sal
2008/01/29 16:45:48
plateaultd
Which control panel is SD?

quote:
Originally posted by gothamweb
[br]Well, we have yet to hear back from HC about the security issues. I am starting to think that they dont understand the severity of the security issue.

In the USA we have a thing called law suits ... and our company doesnt want to be involved on one if a customer is affected.

All new dedicated and colo customers at our company are going on sd now. And we are seriously thinking of moving all our shared to sd too. Looks like HC cant handle security issues and thats a big NO NO in our industry.

We will wait till end of the week, they know how to contact us. They know our email and phone if they want to retain our business but maybe 40 licenses are too little for HC to worry about :)

Sal


2008/01/29 21:41:05
mermer
hc... what are u thinking about fix???
2008/01/30 03:30:11
gothamweb
I didnt write SD ... I think HC replaced H*&^LM with SD in my post
2008/01/30 06:46:55
patrick
HC I have been using this 7 version from last 8 months so far I have a good experience with your team. But I agree with other fellows who are using old HC version that security related patches should be released ASAP. I know your developers would have already started work on it...so don't be late mike :)

Otherwise these friends will suffer from more pain as switching the control panel is not a piece of cake.

Expecting a good news soon
2008/01/30 16:05:28
stsa55


I hear ya, we had a few like you but are down to just a small handful, rest were moved to dotnetpanel.

I agree about your issues with HC 7 and the same reason we never upgraded and moved to dotnetpanel. We even asked HC for help in moving to HC 7 but wanted to charge us some crazy amount to migrate to HC 7. Is it posible that HC is not fixing these issues to try and force customers pay and upgrade or lose there data or customers information.

Happy to say the dotnetpanel was the best solution we could find to upgrading our servers and the support team at DNP was happy to help us with our issues.

I wish you the best of luck to you, I know what you are going through and be happy to talk with you more offline, feel free to contact me anytime.

Best Of Luck,

Ps. HC please stop the madness and help your customers!


I was using HC long time ago then swtiched to Hspere but we were SUCKED after plsk acquistion. Now I have decided to come back to HC but looking at this thread I have decided to go with HC 7C.

DNpanel is hmmm.... okay, but in my personal opnion they need more time to become a mature panel to compete other giants.
2008/01/30 16:28:26
HC Team
We are releasing security patch for HC6 issues in a week time. Regarding HC7, we are improving it all the time and you will have some new features and integrations in upcoming build. FYI we DON'T charge for upgrade issues but if you want support team to upgrade your servers then you have to pay some extra money as service charges.

________________________
HC Support Team
support@hostingcontroller.com
http://hostingcontroller.com
+1-213-341-1419
2008/01/31 04:09:30
kieranmullen
I was charged $99 for HC 6 upgrade and for service. No one else was charged for it becuase it was made free. No refund was given. No credis for other services were given.

KieranMullen
2008/01/31 08:49:05
patrick
quote:
Originally posted by kieranmullen
[br]I was charged $99 for HC 6 upgrade and for service. No one else was charged for it becuase it was made free. No refund was given. No credis for other services were given.

KieranMullen


Come on man don't you see how important conversation is going in this crucial thread... Don't divert our attension by acting in such a merciless way. If you are worried for just $99 then go and request to hc team directly because I have seen same words from you in couple of other threads . I hope they will do something for you...

By the way how long ago did you pay this amount probably 2-3 years ago... Even kids forget about such small amount of money..grow up ..[:(!]
2008/01/31 10:01:44
kieranmullen
Sometimes you will learn in life it is not about the amount of something but it is about the principal of the matter.

In addition, this is related to the thread because of HC's post that they do not charge for security updates. If something is not true, I am not going to let it pass.

km
quote:
Originally posted by patrick
[br]
quote:
Originally posted by kieranmullen
[br]I was charged $99 for HC 6 upgrade and for service. No one else was charged for it becuase it was made free. No refund was given. No credis for other services were given.

KieranMullen


Come on man don't you see how important conversation is going in this crucial thread... Don't divert our attension by acting in such a merciless way. If you are worried for just $99 then go and request to hc team directly because I have seen same words from you in couple of other threads . I hope they will do something for you...

By the way how long ago did you pay this amount probably 2-3 years ago... Even kids forget about such small amount of money..grow up ..[:(!]


KieranMullen
2008/01/31 12:07:36
kieranmullen
I forgot to mention. I would be happy if HC wanted to donate the money on my behalf in my name to a charity of my choice. "Red Cross"
KM

KieranMullen
2008/01/31 18:11:40
tonymak
quote:
Originally posted by kieranmullen
[br]I forgot to mention. I would be happy if HC wanted to donate the money on my behalf in my name to a charity of my choice. "Red Cross"
KM

KieranMullen


I would prefer to monitor this post for HC's announcement as to when it's ready, do you think maybe you could start up your own thread we we can ignore you and we can get some constructive feedback. I think you've stood in the corner throwing your tantrum long enough it's getting old.

Tony Mak...
2008/01/31 19:49:53
gothamweb
What is the status of security fixes HC??

your action is needed. When will you provide security fixes for HC 6.x or should we just abandon our licenses. If you check your database we own 40 HC licenses.

Now if you want us to take our business to your competitors all you have to do is say so. At this point we are very disappointed in the manner you have addressed security,

And please do not tell me to upgrade to 7.0 - we would happily upgrade except that with HC 7 you dont support a truly distributed environemnt for larger ISP's

Now please tell me when you plan to address the security fixes for 6.0.

Sal
2008/05/02 18:51:31
HC Team
quote:
Originally posted by gothamweb
[br]What is the status of security fixes HC??

your action is needed. When will you provide security fixes for HC 6.x or should we just abandon our licenses. If you check your database we own 40 HC licenses.

Now if you want us to take our business to your competitors all you have to do is say so. At this point we are very disappointed in the manner you have addressed security,

And please do not tell me to upgrade to 7.0 - we would happily upgrade except that with HC 7 you dont support a truly distributed environemnt for larger ISP's

Now please tell me when you plan to address the security fixes for 6.0.

Sal


I have already replied in my previous post. Let me mention it again.

01/31/2008 :
"We are releasing security patch for HC6 issues in a week time. Regarding HC7, we are improving it all the time and you will have some new features and integrations in upcoming build. FYI we DON'T charge for upgrade issues but if you want support team to upgrade your servers then you have to pay some extra money as service charges.
"

________________________
HC Support Team
support@hostingcontroller.com
http://hostingcontroller.com
+1-213-341-1419
2008/06/02 08:18:08
gothamweb
I asked about status because a week had gone by.

And as much as I would like to upgrade to V7, it doesnt work for large hosting environments yet. When it does we will test and evaluate.

For now we need to get HC6 fixed so they dont get hacked every single day

Sal
2008/06/02 08:22:25
mermer
quote:
Originally posted by HC Support
[br]
quote:
Originally posted by gothamweb
[br]What is the status of security fixes HC??

your action is needed. When will you provide security fixes for HC 6.x or should we just abandon our licenses. If you check your database we own 40 HC licenses.

Now if you want us to take our business to your competitors all you have to do is say so. At this point we are very disappointed in the manner you have addressed security,

And please do not tell me to upgrade to 7.0 - we would happily upgrade except that with HC 7 you dont support a truly distributed environemnt for larger ISP's

Now please tell me when you plan to address the security fixes for 6.0.

Sal


I have already replied in my previous post. Let me mention it again.

01/31/2008 :
"We are releasing security patch for HC6 issues in a week time. Regarding HC7, we are improving it all the time and you will have some new features and integrations in upcoming build. FYI we DON'T charge for upgrade issues but if you want support team to upgrade your servers then you have to pay some extra money as service charges.
"

________________________
HC Support Team
support@hostingcontroller.com
http://hostingcontroller.com
+1-213-341-1419



in a week time? we are waiting yet... please... is isn't important for you? WE ARE YOUR CUSTOMERS!! Please... please... please... please... please...
2008/08/02 09:01:05
HC Team
We are sorry for the delay. Security patch will be released tomorrow on this page.

________________________
HC Support Team
support@hostingcontroller.com
http://hostingcontroller.com
+1-213-341-1419
2008/08/02 09:48:41
HC Team
Security patch has been released. Please check this page for details.

________________________
HC Support Team
support@hostingcontroller.com
http://hostingcontroller.com
+1-213-341-1419
2008/09/02 01:54:53
mermer
Ok thanks but there is no fix for "hosting" folder... is it normally?
for example addreseller.asp etc.
2008/09/02 02:02:07
HC Team
We have tried to fix maximum issues in this security patch but If you are still facing any problem please contact hc support. They will verify it. Thanks

________________________
HC Support Team
support@hostingcontroller.com
http://hostingcontroller.com
+1-213-341-1419
2008/12/02 01:29:13

Comments are closed.