A Linux Hosting Server with cPanel Software installed, which help administrator to create, delete, modify, bandwidth or disk allocation, reseller account, in a word all kind of work can done by it's web based GUI from any software. By Default This cPanel Software use Exim, a Mail Transfer Agent (MTA) to receive or delivery email both incoming and outgoing server.
As Exim is an Open Source, Free Software and cPanel Developers Customize to fit on cPanel web interface without hampering it's main work, mail transfer system.
On Web Hosting Industries, cPanel is used by most of Hosting Provider, from very small to large organization like ThePlanet use this GUI (Graphical User Interface).
Recently cPanel Developer Team, who work to find and fix security related issue on software discover a very big problem on Exim MTA, which could give access to run any script as root, though he is a non-shell, hosting only user.
cPanel's Public Relation Division has issued a WARNING messages to ALL administrator of cPanel user to fix the problem, which is describe bellow:
If you need more deep information, please visit the link bellow:
I have already fix it on all server maintain by me. I am requesting you to do the fix as soon as possible. This is real thread to your server. If you don't fix this problem, any of your web hosting user can get root access on your Hosting Server.
So, before they know this security problem, fix it as soon as possible.
Noor Ahamed Bauani
IT Consultant from Bangladesh