We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on Vesta 2.0 and expect to release it by the end of 2024. Read more about it: https://vestacp.com/docs/vesta-2-development
Got 10 VestaCP servers exploited
Re: Got 10 VestaCP servers exploited
It uses modules, such a nginx, apache, roundcube, spamassasin and so on.sandy wrote: ↑Sun Apr 08, 2018 11:03 amonly if you use vulnerable plugins/theme under wp and vesta doesn't use plugins/module thoughAKr0nizz wrote: ↑Sun Apr 08, 2018 10:58 amMore likely its problem with RoundCube. 23 hours ago critical exploit for it was published. I realize that VastaCP is the awesome product as for freeware.
@sandy
Even WordPress has more security breaches, if we compare it to Vesta.
You can find bugs and exploits in every software btw. Just bugs in Control Panels are more critical in comparison to MS Word for example.
Re: Got 10 VestaCP servers exploited
can you install other things like wp? those are lamp/lemp stack not module
Re: Got 10 VestaCP servers exploited
Please, write more about thatMore likely its problem with RoundCube. 23 hours ago critical exploit for it was published
-
lukapaunovic
- Posts: 73
- Joined: Sun Dec 03, 2017 6:30 pm
Re: Got 10 VestaCP servers exploited
negative not related with current exploitlukapaunovic wrote: ↑Sun Apr 08, 2018 11:14 amhttps://cve.mitre.org/cgi-bin/cvename.c ... -2018-9846
Re: Got 10 VestaCP servers exploited
exploit resulting :
(will return a File not Found template, nonetheless code'll be executed).
again not related with current ddos hack
Re: Got 10 VestaCP servers exploited
Oh, my god. Someone gained access to root shell. Now Vesta servers not only ddos, thay also spam, send malware and so on.sandy wrote: ↑Sun Apr 08, 2018 11:21 amexploit resulting :
(will return a File not Found template, nonetheless code'll be executed).
again not related with current ddos hack
-
lukapaunovic
- Posts: 73
- Joined: Sun Dec 03, 2017 6:30 pm
Re: Got 10 VestaCP servers exploited
sandy can you check [email protected]
i'm waiting for more than 20 minutes.
I sent you access to hacked server.
serghey is not online so he can't look into it.
can anyone from vesta look into it. the disk is mounted it's in rescue mode.
i'm waiting for more than 20 minutes.
I sent you access to hacked server.
serghey is not online so he can't look into it.
can anyone from vesta look into it. the disk is mounted it's in rescue mode.
-
lukapaunovic
- Posts: 73
- Joined: Sun Dec 03, 2017 6:30 pm
Re: Got 10 VestaCP servers exploited
sandy can you check [email protected]
i'm waiting for more than 20 minutes.
I sent you access to hacked server.
serghey is not online so he can't look into it.
can anyone from vesta look into it. the disk is mounted it's in rescue mode.
i'm waiting for more than 20 minutes.
I sent you access to hacked server.
serghey is not online so he can't look into it.
can anyone from vesta look into it. the disk is mounted it's in rescue mode.