Monday, 19 April 2010
Footnote: I've just spoken to Hostek and they informed me they're aware of the issue, and it only affects one of their servers.
Sadly, they've said it's got a "special configuration" and cannot be changed (i.e. cannot be secured), so whilst they will move the sites for customers that request such, they won't do anything to close the vulnerability.
Hat tip to Holger at MDL for the heads up.
I've heard back from "Brian A" at Hostek, who has informed me, they've now secured the server. I'm awaiting confirmation of this from the author at securi.net.
Posted by MysteryFCM at 12:42