EmailDiscussions.com  

Go Back   EmailDiscussions.com > Email Service Provider-specific Forums > Runbox Forum
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read
Stay in touch wirelessly

Runbox Forum Everything related to Runbox should go here: suggestions, comments, complaints, questions, technical issues, etc.

Reply
 
Thread Tools
Old 1 Mar 2013, 04:15 AM   #1
gecko
Senior Member
 
Join Date: Feb 2010
Posts: 107
cPanel vulnerability

Dear all,

As published today in several online sources, cPanel has been compromised. As far as I know, Runbox uses cPanel for their webhosting offers. I am not an expert and do not fully understand the implications this may have, but I would highly value if someone (ideally from Runbox) could answer the following questions:

a - Is there any need for immediate actions to be taken by Runbox users?
b - Does this problem affect the security of Runbox as a whole?
c - Is there any need for immediate actions on the end of the Runbox admins? Are they aware of the problem?

BR,
gecko
gecko is offline   Reply With Quote

Old 8 Mar 2013, 05:49 AM   #2
kservik
Cornerstone of the Community
 
Join Date: Sep 2005
Location: Oslo, Norway
Posts: 555

Representative of:
Runbox.com
I only know about this issue; http://cpanel.net/2013-02-26-cpanel-...-34-and-11-36/

We update the servers using Cpanel daily, so this was fixed when Cpanel deployed their fix.

Kim
kservik is offline   Reply With Quote
Old 10 Mar 2013, 01:12 PM   #3
carverrn
Intergalactic Postmaster
 
Join Date: Jan 2002
Location: Chicago, IL
Posts: 5,606

Representative of:
Runbox.com
b - Does this problem affect the security of Runbox as a whole?

No, the web hosting server is separate from the email server.

Rich
carverrn is offline   Reply With Quote
Old 11 Mar 2013, 04:58 AM   #4
gecko
Senior Member
 
Join Date: Feb 2010
Posts: 107
If I remember right, it's a bit of a tricky situation. I think I remember that is was not about the actual cPanel installation but about the support system of the vendor of cPanel. I understood that the admin passwords (not sure for what, though) of people having contacted cPanels support within the last half year might have been compromised.

Just my two cents.

BR,
gecko
gecko is offline   Reply With Quote
Old 12 Mar 2013, 09:21 AM   #5
emebrs
Essential Contributor
 
Join Date: Dec 2012
Posts: 305
Quote:
Originally Posted by carverrn View Post
the web hosting server is separate from the email server.
Forgive me for having a vague question, but I would like to know more about this. Especially with respect to authentication. So far I have avoided Runbox web hosting because I believed it would add more vulnerabilities to my mail. Does the web hosting use the same password as the mail hosting?
emebrs is offline   Reply With Quote
Old 12 Mar 2013, 11:20 AM   #6
carverrn
Intergalactic Postmaster
 
Join Date: Jan 2002
Location: Chicago, IL
Posts: 5,606

Representative of:
Runbox.com
Quote:
Originally Posted by emebrs View Post
Forgive me for having a vague question, but I would like to know more about this. Especially with respect to authentication. So far I have avoided Runbox web hosting because I believed it would add more vulnerabilities to my mail. Does the web hosting use the same password as the mail hosting?
The web hosting server is a dedicate serve for web hosting. It has no connection to the email server. Web hosting accounts have separate usernames and passwords.

Regards,
Rich
carverrn is offline   Reply With Quote
Old 12 Mar 2013, 11:37 AM   #7
carverrn
Intergalactic Postmaster
 
Join Date: Jan 2002
Location: Chicago, IL
Posts: 5,606

Representative of:
Runbox.com
Quote:
Originally Posted by gecko View Post
If I remember right, it's a bit of a tricky situation. I think I remember that is was not about the actual cPanel installation but about the support system of the vendor of cPanel. I understood that the admin passwords (not sure for what, though) of people having contacted cPanels support within the last half year might have been compromised.

Just my two cents.

BR,
gecko
The information I read indicated that it was the cPanel support center that was compromised. The root passwords where those of customers who had to provide their root passwords to cPanel support to investigate problems.

Regards,
Rich
carverrn is offline   Reply With Quote
Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump


All times are GMT +9. The time now is 11:40 AM.

 

Copyright EmailDiscussions.com 1998-2013. All Rights Reserved. Privacy Policy