Reply to post: cPanel's defaultwebpage.cgi not vulnerable

Bash bug: Shellshocked yet? You will be ... when this goes WORM

Phil Stark

cPanel's defaultwebpage.cgi not vulnerable

Our internal testing showed that /cgi-sys/defaultwebpage.cgi was not vulnerable by this exploit. It is not written in bash and does not make any calls to bash.

If you have evidence to the contrary, or are aware of any other CGI scripts distributed by cPanel that are vulnerable we would greatly appreciate it if you'd open a ticket with us with this information:


Phil Stark

Technical Support Supervisor

cPanel, Inc.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019