Re: cPanel/WHM demo account problems
In-Reply-To: <NGEHLEPKOGIHAIJAMDPKEEOBCIAA.bugtraq@xxxxxxxxxxxx>
If you read the changelog you would have noticed this was fixed over a month
ago.
http://layer1.cpanel.net/ChangeLog.cgi?output=html
Laziness is no excuse for not reporting vulnerabilities to a vendor first. If
you can sign up to bugtraq to report an old, already fixed hole, then creating
a bugzilla login surely can't be too much trouble.
You can simply email security@xxxxxxxxxx with information as well.
As a vendor we take legitimate security concerns very seriously and usually
have a fix released within a few hours of notification, it's a shame some
people don't try to take advantage of this effort.