[VIM] 17136: Lpanel diagnose.php Arbitrary Domain DNS Setting Reset DoS (fwd)

security curmudgeon jericho at attrition.org
Fri Jun 10 04:33:01 EDT 2005

---------- Forwarded message ----------
From: Michael Cruz <mike at lpanel.net>
To: moderators at osvdb.org
Date: Fri, 10 Jun 2005 01:25:16 -0400
Subject: [OSVDB Mods] [Change Request] 17136: Lpanel diagnose.php Arbitrary
     Domain DNS Setting Reset DoS

Lpanel team has released an update within an hour of this discovery as noted by 
the change log:

Please note this user spamed our server forums and also threatended to send 
future discoveries to private mailing lists which is in a way a direct attack 
coming just hours before the hostingcon expo.

version 1.597 was released within an hour of the public posting on 3AM 6/6/05

A timely report has surfaced naming nearly 6 vulnerabilities found in Lpanel. 
These issues were fixed within the hour of our forums being spammed with the 
information. Please read here for more information: 
http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034413.html Please 
be sure to update to this version. We will continue to perform security audits 
on Lpanel to discover any other similar issues, if any are found we will 
address them in the next couple days.

Confirmation is also noted by our users:

Any questions please contact mike at lpanel.net


More information about the VIM mailing list