New Kloxo Exploit - Thousands of Servers Compromised

Yesterday a new exploit for the hosting control panel "Kloxo" was discovered. The hackers are using an SQL vulnerability in Kloxo to gain access the the system and then use it to send DDoS. Hundereds of hosting providers are affected and started to suspend servers that were running Kloxo. There is an ongoing discussion on WHT about this. If you are a hosting provider, you should notify your clients immediately. If you're running Kloxo, you should upgrade to Kloxo-MR immediately, which is a Kloxo fork which is still under active development and had this vulnerability patched a while ago. A better and more secure alternative to Kloxo would be ISPConfig.

 

I got the same warning from one of my VPS provider.. Good thing I am using ISPConfig

 

Yes, I don't recommend anyone to use Kloxo or it's forks, but rather ISPConfig or, if they like the interface, Webmin/Usermin.

 

Or cPanel

 

Or LiveConfig, yes, but since Kloxo is open source, I'm only suggesting more secure open source solutions here and no commercial ones.

 

i personally prefer virtualmin for open source control panel

 

Yeah, Kloxo being open source will always be susceptible from these exploits. Open source software normally requires 3rd party coding amendments. As technology progresses, it is necessary to keep open source systems 'hardened'. This go's for any open source software. I have never used Kloxo, so i guess i am lucky!

 

Not used it for years, but had to spread the news to clients sadly, it has never been maintained.

 

Yeah, that comes with open source software unfortunately. I hope your clients take the news well

 

Luckily only a select few use it a custom version, hopefully they change over

 

Do you know of the best sites to get near instant updates of security exploits on things like Kloxo, WHMCS, etc.

 

Check out: http://www.hostingseclist.com/