Locked: Multiple Remote Vulnerabilities

plateaultd
Senior Member
2008/04/01 09:29:36 (permalink)

Multiple Remote Vulnerabilities

When will these be fixed? We had servers hacked last year and you said there were no problems in HC and asked us to show you proof. Well, here is proof.

http://www.securityfocus.com/bid/26862/info

Hosting Controller is prone to 14 remote vulnerabilities, including seven unauthorized-access issues, four SQL-injection issues, two information-disclosure issues, and one HTML-injection issue.

An attacker can exploit these issues to compromise the affected application, execute arbitrary code within the context of the webserver process, steal cookie-based authentication credentials, access or modify data, exploit latent vulnerabilities in the underlying database, obtain sensitive information, and gain unauthorized access to the affected application.

1- [Remote Attacker] can login to hosting controller Panel. He can also change all others' passwords.

2- [User] can copy a file to hosting controller web directory which is executed under administrative privilege, so attacker can execute his commands by administrative privilege. e.g. an attacker can gain remote desktop of server using this bug and uploading an ASP file!

3- [Remote Attacker] can make a new user.

4- [Remote Attacker] can change all user's profiles.

5- [User] can see all the database information by a SQL injection.

6- [User] can change his credit amount or increase his discount.

7- [User] can uninstall other's FrontPage extensions.

8- [User] can delete all of gateway information.

9- [User] can enable or disable pay type.

10- [User] can see all usernames in the server by "fp2000/NEWSRVR.asp".

11- [User] can find Hosting Controller setup directory.

12- [User] can import unwanted plan or change the plans.

13- [Remote Attacker] can find web site path.

14- [Remote Attacker] can enable or disable all Hosting Controller forums by SQL Injection.

15- [User] can change other's host headers.

[Remote attacker] = (Unauthorized user without any permission or access.)
#1


    kieranmullen
    Premium Member
    RE: Multiple Remote Vulnerabilities 2008/04/01 12:42:41 (permalink)
    Even the government is involved!
    http://forum.hostingcontroller.com/topic.asp?TOPIC_ID=4756

    KieranMullen
    #2
    ts
    Premium Member
    RE: Multiple Remote Vulnerabilities 2008/07/01 09:44:15 (permalink)
    It's unacceptable that we still don't have an update for this.
    #3
    mermer
    Junior Member
    RE: Multiple Remote Vulnerabilities 2008/08/01 00:27:19 (permalink)
    when? we're waiting... why are u waiting please fix it!
    #4
    kieranmullen
    Premium Member
    RE: Multiple Remote Vulnerabilities 2008/09/01 09:24:34 (permalink)
    I guess you don't want to say too much about it or they will lock your thread http://forum.hostingcontroller.com/topic.asp?TOPIC_ID=4756

    KieranMullen
    #5
    plateaultd
    Senior Member
    RE: Multiple Remote Vulnerabilities 2008/09/01 14:06:58 (permalink)
    This link gives a list of insecure files:
    http://www.securityfocus.com/archive/1/485028

    I used that as a starting point in looking at log files on a server that was recently hacked via hosting controller. I found the hacker was using at least the following files (via POST) in his hack:

    Change Skin - This may be what made CP inaccessible to customers on one server:
    /AdminSettings/displays.asp

    Possibly add user to SERV_U:
    /serv_u/servu3edit_account.asp

    Upload "hacked" files:
    /folders/editoractions.asp

    ----------------
    Temporary security fix...
    I created a script to temporarily rename all the files & folders in just the admin directory. I also created a default.htm saying the control panel is temporarily disabled. If I need to do something on the server I run another script to rename the files back. Then rename them again when I am done.



    #6
    plateaultd
    Senior Member
    RE: Multiple Remote Vulnerabilities 2008/10/01 01:05:24 (permalink)
    In case anyone is interested, here is another hacker's paradise in HC that was reported in July and NEVER FIXED!!!

    http://forum.hostingcontroller.com/topic.asp?TOPIC_ID=4650

    Looks like this may be a repeat problem from 3/2007.


    #7
    HC Team
    Hosting Controller
    RE: Multiple Remote Vulnerabilities 2008/11/01 08:28:35 (permalink)
    Developers are already working on a hotfix and hopefully it will be released soon.

    ________________________
    HC Support Team
    support@hostingcontroller.com
    http://hostingcontroller.com
    +1-213-341-1419
    #8
    plateaultd
    Senior Member
    RE: Multiple Remote Vulnerabilities 2008/01/13 14:48:18 (permalink)
    I hope they will also be updating the version of phpBB (and any other free software), as the phpBB currently in HC 6.1 is way out of date.

    Or is there a technote on how we can update it ourselves so new installs get the current stuff?

    #9
    mermer
    Junior Member
    RE: Multiple Remote Vulnerabilities 2008/01/17 08:53:05 (permalink)
    why are u waiting for 25 days? is it very difficult?
    #10
    nextmill
    Senior Member
    RE: Multiple Remote Vulnerabilities 2008/01/20 09:25:30 (permalink)
    Server hacked 2 days ago, changed the HCADMIN password and then logged in and changed the default page for every website to say HACKED!


    2008-01-19 10:25:58 GET /skins/PanelXP/Blue/HCStyles.css - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/ 200 7236 579
    2008-01-19 10:25:59 GET /skins/PanelXP/Blue/images/_loginBottom.jpg - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/ 200 1267 591
    2008-01-19 10:25:59 GET /skins/PanelXP/Blue/images/login.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/ 200 1123 584
    2008-01-19 10:25:59 GET /skins/PanelXP/Blue/images/spacerLight.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/ 200 291 590
    2008-01-19 10:25:59 GET /skins/PanelXP/Blue/images/XPButnBGLeft.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/ 200 419 591
    2008-01-19 10:25:59 GET /skins/PanelXP/Blue/images/XPButnBGRight.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/ 200 428 592
    2008-01-19 10:25:59 GET /skins/PanelXP/Blue/images/_loginTop.jpg - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/ 200 1356 588
    2008-01-19 10:26:00 GET /skins/PanelXP/Blue/images/_login.jpg - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/ 200 781 585
    2008-01-19 10:26:00 GET /favicon.ico - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO - 404 0 516
    2008-01-19 10:26:00 GET /skins/PanelXP/Blue/images/XPButnBG.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/skins/PanelXP/Blue/HCStyles.css 200 404 618
    2008-01-19 10:26:03 GET /favicon.ico - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO - 404 0 516
    2008-01-19 10:27:36 GET /hosting/addreseller.asp reseller=hcadmin - 89.165.62.232 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2) - - 302 540 265
    2008-01-19 10:27:36 GET /hosting/addreseller.asp reseller=hcadmin - 89.165.62.232 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2) - - 302 0 257
    2008-01-19 10:27:38 GET /accounts/accountactions.asp ActionType=AddUser&hostingplantype=&auto=1 - 89.165.62.232 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2) ASPSESSIONIDASQSAQBR=JFFJBIOAJOEOBDGBKACDJLNK;+path=/ - 302 543 348
    2008-01-19 10:27:39 GET /common/InvalidAttempt.asp msgaction=del&user= - 89.165.62.232 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2) ASPSESSIONIDASQSAQBR=JFFJBIOAJOEOBDGBKACDJLNK - 200 256 315
    2008-01-19 10:27:40 POST /AdminSettings/displays.asp DecideAction=1&ChangeSkin=1 - 89.165.62.232 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2) ASPSESSIONIDASQSAQBR=JFFJBIOAJOEOBDGBKACDJLNK - 200 0 402
    2008-01-19 10:27:42 GET /Main.asp TemplateSkin=PanelXP%2FBlue - 89.165.62.232 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2) ASPSESSIONIDASQSAQBR=JFFJBIOAJOEOBDGBKACDJLNK;Language=English;+expires=Wed,+01-Jan-2020+08:00:00+GMT;+path=/ - 200 1357 370
    2008-01-19 10:27:45 POST /Accounts/AccountActions.asp ActionType=UpdateUser - 89.165.62.232 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+InfoPath.2) ASPSESSIONIDASQSAQBR=JFFJBIOAJOEOBDGBKACDJLNK;Language=English;+expires=Wed,+01-Jan-2020+08:00:00+GMT;SkinID=Blue;+expires=Wed,+01-Jan-2020+08:00:00+GMT;+path=/ - 302 511 618
    2008-01-19 10:28:04 POST /Check_Password.asp - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/ 302 433 770
    2008-01-19 10:28:04 GET /main.asp - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/ 200 1367 637
    2008-01-19 10:28:05 GET /Header.asp - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/main.asp 200 2304 647
    2008-01-19 10:28:07 GET /menu.asp - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/main.asp 200 14350 645
    2008-01-19 10:28:08 GET /Header.asp - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/Header.asp 200 2304 553
    2008-01-19 10:28:08 GET /Contents.asp - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/main.asp 200 12398 649
    2008-01-19 10:28:08 GET /Skins/PanelXP/jsscripts/AnimTree.js - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 564 576
    2008-01-19 10:28:08 GET /space.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/Contents.asp 404 0 570
    2008-01-19 10:28:08 GET /skins/PanelXP/Blue/images/TopImage.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/Contents.asp 200 1086 599
    2008-01-19 10:28:10 GET /skins/PanelXP/Blue/images/bgDotted.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/Contents.asp 200 297 599
    2008-01-19 10:28:10 GET /skins/PanelXP/Blue/hcMenuStyles.css - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 1974 591
    2008-01-19 10:28:10 GET /skins/PanelXP/Blue/images/infinity.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/Contents.asp 200 457 599
    2008-01-19 10:28:10 GET /skins/PanelXP/Blue/images/spacer.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/Header.asp 200 291 595
    2008-01-19 10:28:10 GET /skins/PanelXP/Blue/images/angle.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/Header.asp 200 345 594
    2008-01-19 10:28:11 GET /skins/PanelXP/Blue/images/angle2.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/Header.asp 200 344 595
    2008-01-19 10:28:11 GET /skins/PanelXP/Blue/images/profile.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/Contents.asp 200 953 598
    2008-01-19 10:28:11 GET /skins/PanelXP/Blue/images/display_settings.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/Contents.asp 200 425 607
    2008-01-19 10:28:11 GET /skins/PanelXP/Blue/images/change_pasword.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/Contents.asp 200 1406 605
    2008-01-19 10:28:12 GET /skins/PanelXP/Blue/images/Tutorial2.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/Contents.asp 200 1451 600
    2008-01-19 10:28:12 GET /skins/PanelXP/Blue/images/info.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/Contents.asp 200 862 595
    2008-01-19 10:28:12 GET /spacer.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 404 0 567
    2008-01-19 10:28:12 GET /skins/PanelXP/Blue/images/topleft.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 303 595
    2008-01-19 10:28:13 GET /skins/PanelXP/Blue/images/topright.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 313 596
    2008-01-19 10:28:13 GET /skins/PanelXP/Blue/images/TopMenuClosed.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 1409 601
    2008-01-19 10:28:13 GET /skins/PanelXP/Blue/images/1x1.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 290 591
    2008-01-19 10:28:14 GET /skins/PanelXP/Blue/images/MenuUserManager.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 1308 603
    2008-01-19 10:28:14 GET /IconsMain.asp Head=Tools - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 4892 661
    2008-01-19 10:28:14 GET /skins/PanelXP/Blue/images/MenuDomains.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 1328 599
    2008-01-19 10:28:14 GET /skins/PanelXP/Blue/images/MenuHostingPlans.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 1299 604
    2008-01-19 10:28:14 GET /skins/PanelXP/Blue/images/MenuBilling.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 1301 599
    2008-01-19 10:28:15 GET /skins/PanelXP/Blue/images/MenuReports.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 1323 599
    2008-01-19 10:28:15 GET /skins/PanelXP/Blue/images/MenuTools.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 1302 597
    2008-01-19 10:28:15 GET /skins/PanelXP/Blue/images/MenuServer.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 1273 598
    2008-01-19 10:28:15 GET /skins/PanelXP/Blue/images/MenuMigeration.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 1266 602
    2008-01-19 10:28:16 GET /skins/PanelXP/Blue/images/MenuTT.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 1257 594
    2008-01-19 10:28:16 GET /skins/PanelXP/Blue/images/MenuAskHC.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 1281 597
    2008-01-19 10:28:17 GET /folders/filemanager.asp - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/IconsMain.asp?Head=Tools 200 19627 676
    2008-01-19 10:28:17 GET /skins/PixelOne/Red/images/spacer.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 291 593
    2008-01-19 10:28:17 GET /skins/PixelOne/Red/images/ASKHC.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/menu.asp 200 686 592
    2008-01-19 10:28:18 GET /skins/PanelXP/Blue/images/lightning-Header.gif - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/skins/PanelXP/Blue/HCStyles.css 200 21904 626
    2008-01-19 10:28:18 GET /folders/filemanager.asp - - 89.165.62.232 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.8.1.5pre)+Gecko/20070628+BonEcho/2.0.0.5pre showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDASQSAQBR=IFFJBIOANNOAABPFDNDOGOFO http://mungedserverfqdn.net:8077/folders/filemanager.asp 200 19627 579



    #11
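Added example, not part of any post in this thread: a log triage along the lines plateaultd describes in post #6, applied to IIS W3C records in the field order of the excerpt in post #11. The sample log lines, host name, cookies and user agents are constructed, and the function names are this example's own.

```python
"""Triage IIS W3C logs for requests to the panel pages named in this thread."""
from collections import defaultdict

# Assumed field order, read off the log excerpt posted above; a "#Fields:"
# directive in the log file, when present, overrides it.
DEFAULT_FIELDS = [
    "date", "time", "cs-method", "cs-uri-stem", "cs-uri-query", "cs-username",
    "c-ip", "cs(User-Agent)", "cs(Cookie)", "cs(Referer)",
    "sc-status", "sc-bytes", "cs-bytes",
]

# First three: files plateaultd found in his logs. Last two: pages requested
# in nextmill's excerpt. Lower-case because IIS paths are case-insensitive.
WATCHLIST = {
    "/adminsettings/displays.asp",
    "/serv_u/servu3edit_account.asp",
    "/folders/editoractions.asp",
    "/hosting/addreseller.asp",
    "/accounts/accountactions.asp",
}

# Constructed sample (documentation IP ranges, made-up cookies and agents).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 6.0
2008-01-19 10:25:58 GET /skins/PanelXP/Blue/HCStyles.css - - 203.0.113.7 Mozilla/5.0+(constructed-browser) ASPSESSIONIDSAMPLE=AAAA http://panel.example.test:8077/ 200 7236 579
2008-01-19 10:27:36 GET /hosting/addreseller.asp - - 203.0.113.7 Mozilla/4.0+(constructed-tool) - - 302 540 265
2008-01-19 10:27:40 POST /AdminSettings/displays.asp - - 203.0.113.7 Mozilla/4.0+(constructed-tool) ASPSESSIONIDSAMPLE=BBBB - 200 0 402
2008-01-19 10:27:45 POST /Accounts/AccountActions.asp - - 203.0.113.7 Mozilla/4.0+(constructed-tool) ASPSESSIONIDSAMPLE=BBBB - 302 511 618
2008-01-19 11:02:10 GET /main.asp - - 198.51.100.20 Mozilla/5.0+(constructed-browser) ASPSESSIONIDSAMPLE=CCCC http://panel.example.test:8077/ 200 1367 637
2008-01-19 11:02:11 GET /main.asp
"""


def parse_w3c(lines):
    """Yield one dict per well-formed log record."""
    fields = DEFAULT_FIELDS
    for line in lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        if len(parts) == len(fields):      # skip truncated or malformed lines
            yield dict(zip(fields, parts))


def triage(lines):
    """Return {client_ip: summary} for every client that touched the watchlist."""
    clients = defaultdict(lambda: {"hits": [], "agents": set()})
    for rec in parse_w3c(lines):
        client = clients[rec.get("c-ip", "-")]
        client["agents"].add(rec.get("cs(User-Agent)", "-"))
        path = rec.get("cs-uri-stem", "").lower()
        if path in WATCHLIST:
            client["hits"].append({
                "when": f'{rec.get("date", "")} {rec.get("time", "")}'.strip(),
                "method": rec.get("cs-method", "-"),
                "path": path,
                "status": rec.get("sc-status", "-"),
                # A panel page requested with no Referer was not reached by
                # clicking through the UI.
                "no_referer": rec.get("cs(Referer)") == "-",
            })
    report = {}
    for ip, client in clients.items():
        if client["hits"]:
            report[ip] = {
                "hits": client["hits"],
                "posts": sum(h["method"] == "POST" for h in client["hits"]),
                "hits_without_referer": sum(h["no_referer"] for h in client["hits"]),
                # One address presenting more than one User-Agent is worth a
                # closer look; the excerpt above shows two from the same IP.
                "distinct_user_agents": len(client["agents"]),
            }
    return report


if __name__ == "__main__":
    for ip, summary in triage(SAMPLE_LOG.splitlines()).items():
        print(ip, summary["posts"], "POSTs,",
              summary["distinct_user_agents"], "user agents")
        for hit in summary["hits"]:
            print("  ", hit["when"], hit["method"], hit["path"], hit["status"])
```

Point `triage()` at the lines of the panel site's own log file; a watchlist hit is a lead to review alongside the panel's legitimate admin activity, not proof of compromise on its own.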
    mermer
    Junior Member
    RE: Multiple Remote Vulnerabilities 2008/01/22 14:35:50 (permalink)
    you're great hc! why are u waiting please write???
    #12
    ITGuard
    Junior Member
    RE: Multiple Remote Vulnerabilities 2008/01/24 13:07:46 (permalink)
    I upgraded to HC7 and all of my problems were solved. Promotion is a good thing! And HC7 is more stable and secure than HC6. I like its UI compatibility with Mozilla too.
    I think all of you must "Upgrade to HC7" [8)]
    #13
    plateaultd
    Senior Member
    RE: Multiple Remote Vulnerabilities 2008/01/24 14:55:47 (permalink)
    I have tried to upgrade just 1 of my servers and it fails on just my reseller account. I have been waiting on Hosting Controller to determine why for over a week.
    quote:
    Originally posted by ITGuard
    I upgraded to HC7 and all of my problems were solved. Promotion is a good thing! And HC7 is more stable and secure than HC6. I like its UI compatibility with Mozilla too.
    I think all of you must "Upgrade to HC7" [8)]



    #14
    nextmill
    Senior Member
    RE: Multiple Remote Vulnerabilities 2008/01/26 13:03:20 (permalink)
    Create a robots.txt asap in your admin folder that the HC site runs from, make it say

    # go away
    User-agent: *
    Disallow: /


    There is no reason for the search engines to index the control panel!! This will prevent your panel from being indexed and reduce the possibility that the hackers will find your vulnerable HC6 panel to hack!

    Yes we need a fix since many of us fail to get HC7 to properly upgrade HC6.

    #15