Results 1 to 1 of 1
-
16th Jun 2014, 01:00 PM #1
Disabling Password Reset Option cPanel/WHM
Cpanel recently announced a new vulnerability for their servers for the password reset option.
We'll show you how to turn off the password reset option for failed logins to Cpanel through Web Host Manager.
Description
The feature "Allow cPanel users to reset their password via email",
found in WebHostManager in the "Tweak Settings" section allows for a
cpanel user to run some commands as the root user.
It's strongly suggested that all Cpanel users disable this feature.
Affected Systems
All builds of Cpanel on all platforms are vulnerable up to and including (9.1.0
build 34), all builds after that have been fixed.
Step 1) Fixing The Problem - Disable It
1. Login into you WHM control panel as root.
2. Click on Tweak Settings in the upper left hand corner.
3. Scroll down until you see "Allow cPanel users to reset their password via email"
4. Uncheck the check box and click Save.
Step 2) Fixing The Problem - Update Cpanel
You can also update your Cpanel server to the latest release, which now fixes this issue.
1. Login into you WHM control panel as root.
2. Click on Upgrade to Latest Version on the bottom right hand corner.
Your server is now protected from this exploit!Areon Reviewed by Areon on . Disabling Password Reset Option cPanel/WHM Cpanel recently announced a new vulnerability for their servers for the password reset option. We'll show you how to turn off the password reset option for failed logins to Cpanel through Web Host Manager. Description The feature "Allow cPanel users to reset their password via email", found in WebHostManager in the "Tweak Settings" section allows for a cpanel user to run some commands as the root user. It's strongly suggested that all Cpanel users disable this feature. Rating: 5
Sponsored Links
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Similar Threads
-
[Shared] UnderHost .:. Offshore Hosting * $5.00 * Daily Backups * cPanel/WHM
By xmsax in forum ArchiveReplies: 4Last Post: 1st May 2009, 09:49 PM -
CPanel/WHM
By d3monic in forum Server ManagementReplies: 5Last Post: 26th Mar 2009, 06:03 PM -
[Shared] UnderHost .:. Offshore Hosting - $5.00 + Daily Backups + cPanel/WHM
By xmsax in forum ArchiveReplies: 9Last Post: 17th Feb 2009, 01:48 PM -
[VPS] UnderHost .:. December Coupon - VPS - 60% OFF + FREE CPanel/WHM
By xmsax in forum ArchiveReplies: 10Last Post: 8th Feb 2009, 11:33 PM -
Installing cPanel + WHM
By Lease in forum Technical and Security TutorialsReplies: 1Last Post: 11th Jan 2008, 12:14 AM
themaManager - edit and manage...
Version 4.04 released. Open older version (or...