PDA

Bekijk Volledige Versie : Kloxo hack meldingen / Kloxo Exploit



Active8
29/01/14, 16:06
Er wordt nu vanaf diverse VPS/Dedi aanbieders mails rondgestuurd dat er grote veiligheids problemen hiermee zijn en dat er maatregelen tegen deze software wordt genomen op hun VPS en en Dedi s, deze worden verwijderd en of suspended

Voor alle hosters die kloxo aanbieden /op hun servers hierbij dus een waarschuwing !!!!!

Hieronder 1 van de div mails

Since this morning, we have been combating multiple DDoS attacks across all of our locations. Upon further investigation, this is stemming from compromised VPS containers that utilize the Kloxo control panel software.

We have been made aware of an active zero day exploit in Kloxo with no workaround available. Essentially the exploit spawns a large number of httpd processes that allows the affected system to participate in a DDoS.

We kindly request your immediate attention into this matter, and ask that if you are running Kloxo that you disable it immediately.

Due to the fact that Kloxo developers are inactive and appears to be poorly written, along with the severity of this zero day exploit, we are prohibiting Kloxo to be ran on our VPS servers moving forward in order to protect our network and our users. We believe this is the best resolution, as Kloxo is not a secure software that should be used in any production environment. If your VPS is currently running Kloxo, please wipe your Kloxo install immediately