Malware Domain List

Malware Related => Tools of the trade / Internet News => Topic started by: SysAdMini on April 19, 2010, 04:55:36 pm

Title: Hostek is putting their customers at risk
Post by: SysAdMini on April 19, 2010, 04:55:36 pm
http://blog.sucuri.net/2010/04/hostek-is-putting-their-customers-at.html

Quote
If you are hosting your site at Hostek.com, you are probably at a higher risk of being hacked. Why? Because they do not do the proper separation of accounts internally, so anyone can access the pages of everyone else.

How do we know that? We were helping a friend with his site over there and when we checked their permissions, we found a big (BIG) security hole on Hostek. Every PHP script is executed with the permissions of the user "nobody" (used by Apache), and every site allows the user "nobody" to access its files.

It means that any user can access the files from everyone else. Even worse, you can add and even modify the files under some circumstances.
Title: Re: Hostek is putting their customers at risk
Post by: MysteryFCM on April 19, 2010, 07:42:19 pm
I've just spoken to Hostek and they informed me they're aware of the issue, and it only affects one of their servers.

Sadly, they've said it's got a "special configuration" and cannot be changed (i.e. cannot be secured), so whilst they will move the sites for customers that request such, they won't do anything to close the vulnerability.