Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Application (Generic)  >   cPanel Vendors:   cPanel, Inc.
cPanel Input Validation Flaw in 'Email' Parameter Lets Local Users Gain Elevated Privileges
SecurityTracker Alert ID:  1020042
SecurityTracker URL:
CVE Reference:   CVE-2008-2478   (Links to External Site)
Updated:  May 30 2008
Original Entry Date:  May 19 2008
Impact:   Root access via local system
Exploit Included:  Yes  

Description:   A vulnerability was reported in cPanel. A local user can obtain elevated privileges on the target system.

A local user can invoke the 'wwwact' command and create an account with a specially crafted e-mail address to execute arbitrary commands on the target system with reseller privileges.

Ali Jasbi of IHST security & hacking Research team reproted this vulnerability.

Impact:   A local user can obtain elevated privileges on the target system.
Solution:   No solution was available at the time of this entry.
Vendor URL: (Links to External Site)
Cause:   Input validation error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   None.

 Source Message Contents

Subject:  Cpanel all version >> root access with a reseller account.

By : Ali Jasbi ( IHST security & hacking Research team)
Vendor :
Version : ALL !!
Risk : Very high
What u can do with this bug is :
u can have a access to all the server with reseller privilege (Th3 r00t)
how it's work ?
when u want to create an account in shell what will happen ?
./script/wwwact [domainname] [username] [password] [Email address] lab lab lab
that u can run it with a web base program ! ( cpanel : doamin:2086)
example :
http://domain:2086/scripts/wwwacct  [domainname] [username] [password] [Email address] lab lab lab
it means you got a access to wwwacct in the scripts folder (Th3 r00t)
so u can run other command with root access like that
./scripts/wwwactt domain password;./home/hackerz/public_html/ ( your command now is ./home/hackerz/public_html/
that u can Likewise run it on  the web base program.what u need to do is just write;./home/hackerz/public_html/
 in Email text box when u want to create an account.
Test it:
Step 1

Save this file in /home/user/public_html/ .
rename $old, $new;
step 2 

make a text file named test.txt in your public_html directory.
path will be : /home/user/public_html/test.txt .
step 3

create an account and write;./home/user/public_html/ in E-mail Address text box
then click on the "create" button.
Yes , you can find your file in /home/root/ .
you can run your own code !(mass defacer, exploit's or everything that u want).
Enjoy it...


Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, LLC