I am a web host administrator for a decent size host. I have a client that is using:
New Installation (126.96.36.199)
Now I understand this is not the highest version that has been released. However, this is according to Fantastico. (Self Installed Scripts Service) that we provide through cPanel.
My question is, are their any known security exploits between the newest version 1.9.11, and 188.8.131.52 that would cause an account compromise? I have scanned through the clients account and no other scripts can be found within the account. Root level security is as tight as it can get almost for CentOS 5. If there are indeed exploits that can be used to cause this, my next move will be with Fantastico.
If anymore information is needed, please let me know. I am confident that there are no other scripts on the account and the client appears to have sufficient protection against their local computer, long unique passwords on everything, and is the only one accessing his account. I know this does not rule it out, but I am going with the obvious first.
Thanks for any input.