Got 10 VestaCP servers exploited

AKr0nizz · Post by **AKr0nizz** » Sun Apr 08, 2018 11:07 am

sandy wrote: ↑
Sun Apr 08, 2018 11:03 am

AKr0nizz wrote: ↑
Sun Apr 08, 2018 10:58 am

MAN5 wrote: ↑
Sun Apr 08, 2018 10:51 am

Hi, we should be patience with Vesta team, even we got calls from our frustrated clients.
The affected servers are running with vesta > doesnt meant vesta had this bug. Let them to find the issue 1st.
More likely its problem with RoundCube. 23 hours ago critical exploit for it was published. I realize that VastaCP is the awesome product as for freeware.

@sandy
Even WordPress has more security breaches, if we compare it to Vesta.

You can find bugs and exploits in every software btw. Just bugs in Control Panels are more critical in comparison to MS Word for example.
only if you use vulnerable plugins/theme under wp and vesta doesn't use plugins/module though

It uses modules, such a nginx, apache, roundcube, spamassasin and so on.

sandy · Post by **sandy** » Sun Apr 08, 2018 11:09 am

can you install other things like wp? those are lamp/lemp stack not module

Post by **imperio** » Sun Apr 08, 2018 11:11 am

More likely its problem with RoundCube. 23 hours ago critical exploit for it was published

Please, write more about that

lukapaunovic · Post by **lukapaunovic** » Sun Apr 08, 2018 11:14 am

https://cve.mitre.org/cgi-bin/cvename.c ... -2018-9846

sandy · Post by **sandy** » Sun Apr 08, 2018 11:15 am

lukapaunovic wrote: ↑
Sun Apr 08, 2018 11:14 am
https://cve.mitre.org/cgi-bin/cvename.c ... -2018-9846

negative not related with current exploit

AKr0nizz · Post by **AKr0nizz** » Sun Apr 08, 2018 11:19 am

imperio wrote: ↑
Sun Apr 08, 2018 11:11 am

More likely its problem with RoundCube. 23 hours ago critical exploit for it was published
Please, write more about that

https://github.com/roundcube/roundcubemail/issues/6238

sandy · Post by **sandy** » Sun Apr 08, 2018 11:21 am

AKr0nizz wrote: ↑
Sun Apr 08, 2018 11:19 am

imperio wrote: ↑
Sun Apr 08, 2018 11:11 am

More likely its problem with RoundCube. 23 hours ago critical exploit for it was published
Please, write more about that
https://github.com/roundcube/roundcubemail/issues/6238

exploit resulting :
(will return a File not Found template, nonetheless code'll be executed).
again not related with current ddos hack

AKr0nizz · Post by **AKr0nizz** » Sun Apr 08, 2018 11:25 am

sandy wrote: ↑
Sun Apr 08, 2018 11:21 am

AKr0nizz wrote: ↑
Sun Apr 08, 2018 11:19 am

imperio wrote: ↑
Sun Apr 08, 2018 11:11 am

Please, write more about that
https://github.com/roundcube/roundcubemail/issues/6238
exploit resulting :
(will return a File not Found template, nonetheless code'll be executed).
again not related with current ddos hack

Oh, my god. Someone gained access to root shell. Now Vesta servers not only ddos, thay also spam, send malware and so on.

lukapaunovic · Post by **lukapaunovic** » Sun Apr 08, 2018 11:25 am

sandy can you check [email protected]
i'm waiting for more than 20 minutes.
I sent you access to hacked server.
serghey is not online so he can't look into it.
can anyone from vesta look into it. the disk is mounted it's in rescue mode.

lukapaunovic · Post by **lukapaunovic** » Sun Apr 08, 2018 11:26 am

sandy can you check [email protected]
i'm waiting for more than 20 minutes.
I sent you access to hacked server.
serghey is not online so he can't look into it.
can anyone from vesta look into it. the disk is mounted it's in rescue mode.

Vesta Control Panel - Forum

Got 10 VestaCP servers exploited

Re: Got 10 VestaCP servers exploited

Re: Got 10 VestaCP servers exploited

Re: Got 10 VestaCP servers exploited

Re: Got 10 VestaCP servers exploited

Re: Got 10 VestaCP servers exploited

Re: Got 10 VestaCP servers exploited

Re: Got 10 VestaCP servers exploited

Re: Got 10 VestaCP servers exploited

Re: Got 10 VestaCP servers exploited

Re: Got 10 VestaCP servers exploited

Login • Register