[sec-adv] cPanel Log File Script Code Injection Vulnerability

From: Secunia Security Advisories (sec-adv@secunia.com)
Date: Mon Jul 07 2003 - 09:27:19 CDT


TITLE:
cPanel Log File Script Code Injection Vulnerability

READ ONLINE:
http://www.secunia.com/advisories/9198/

CRITICAL:
Moderately critical

IMPACT:
Exposure of sensitive information

WHERE:
From remote

SOFTWARE:
cPanel 6.x

DESCRIPTION:
A vulnerability has been identified in cPanel, which can be exploited
by malicious users to gain knowledge of sensitive information.

The vulnerability is caused by the scripts behind the "Error Log" and
"Latest Visitors" screens neither validating nor HTML-encoding the
entries they display from the web server's log files. A remote user
can send a specially crafted HTTP request whose URL contains script
code; the web server writes that URL into the log file, and when the
administrator views the log through cPanel the script code is rendered
as markup and executed in the administrator's browser session (a
stored cross-site scripting attack via log injection).

Successful exploitation could disclose the content of cookies (e.g.
authentication information) associated with the site running cPanel,
since the script runs with the administrator's browser session and
origin, not the attacker's.

Example:
http://[victim]/"></a><script>alert(document.cookie);</script>

The request need not succeed; a 404 is enough to get the URL into the
log. The leading "></a> in the payload is shaped to close an attribute
and anchor that the viewer appears to place around the logged URL, so
the script element that follows is rendered as markup rather than text.

The vulnerability has been reported in cPanel 6.4.2-STABLE. However,
other versions may also be affected.
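The following is an added example, not part of the Secunia advisory or
of cPanel's own code (cPanel's scripts are Perl and look nothing like
this). It models the bug in Python over a few constructed access-log
lines (addresses, timestamps and paths are made up): a log viewer that
drops the logged request path straight into HTML, the same viewer with
HTML encoding applied, and a check that flags log entries carrying
markup, including percent-encoded ones. The log format, the table
layout and all function names are assumptions.

```python
import html
import re
from urllib.parse import unquote

# Constructed sample lines in Apache common-log style, standing in for the
# access log that a "Latest Visitors" screen would read. Apache 1.3 wrote the
# request line verbatim, so the quote in the advisory's payload appears raw.
SAMPLE_ACCESS_LOG = """\
203.0.113.5 - - [07/Jul/2003:09:27:19 -0500] "GET /index.html HTTP/1.0" 200 1234
198.51.100.7 - - [07/Jul/2003:09:28:02 -0500] "GET /"></a><script>alert(document.cookie);</script> HTTP/1.0" 404 512
198.51.100.7 - - [07/Jul/2003:09:28:40 -0500] "GET /%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.0" 404 512
"""

# Lazy match on the path lets it contain quotes and angle brackets; the
# " HTTP/x.y" that follows anchors the end of the request-target.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>.*?) HTTP/[\d.]+" (?P<status>\d{3})'
)


def parse_log(text):
    """Return one dict per parseable line; unparseable lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if m:
            entries.append(m.groupdict())
    return entries


def render_vulnerable(entries):
    """Viewer as the advisory describes it: logged data goes straight into HTML.

    The logged path lands inside an href attribute and an anchor body, which is
    exactly what the payload's leading "></a> is shaped to break out of.
    """
    rows = []
    for e in entries:
        rows.append(
            '<tr><td>%s</td><td><a href="%s">%s</a></td><td>%s</td></tr>'
            % (e["ip"], e["path"], e["path"], e["status"])
        )
    return "<table>" + "".join(rows) + "</table>"


def render_safe(entries):
    """Same viewer with every log-derived field HTML-encoded (quotes included)."""
    rows = []
    for e in entries:
        ip = html.escape(e["ip"], quote=True)
        path = html.escape(e["path"], quote=True)
        status = html.escape(e["status"], quote=True)
        rows.append(
            '<tr><td>%s</td><td><a href="%s">%s</a></td><td>%s</td></tr>'
            % (ip, path, path, status)
        )
    return "<table>" + "".join(rows) + "</table>"


MARKUP_CHARS = re.compile(r'[<>"\']')


def find_injected_markup(entries):
    """Flag entries whose request path carries markup characters.

    The path is percent-decoded first, because a viewer that decodes URLs for
    display turns %3Cscript%3E into a live tag just as surely as a raw one.
    """
    hits = []
    for e in entries:
        decoded = unquote(e["path"])
        if MARKUP_CHARS.search(decoded):
            hits.append((e["ip"], e["ts"], decoded))
    return hits


if __name__ == "__main__":
    entries = parse_log(SAMPLE_ACCESS_LOG)
    print("vulnerable viewer emits a live <script>:",
          "<script>" in render_vulnerable(entries))
    print("hardened viewer does not:", "<script>" not in render_safe(entries))
    for ip, ts, path in find_injected_markup(entries):
        print("suspicious request from %s at %s: %s" % (ip, ts, path))
```

Encoding the output fixes the markup injection, but it is not the whole
story for the link column: an attacker controls the request-target, so
a viewer that turns logged paths into clickable links should also
require the path to begin with "/" (or not link it at all) rather than
trust the scheme. The detection helper is only a triage aid; it will
also flag legitimate requests that happen to contain quotes.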

SOLUTION:
Upgrade to version 7.0:
http://www.cpanel.net/downloads.htm

REPORTED BY / CREDITS:
Ory Segal

----------------------------------------------------------------------

Secunia recommends that you verify all advisories you receive, by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

Contact details:
Web : http://www.secunia.com/
E-mail : support@secunia.com
Tel : +44 (0) 20 7016 2693
Fax : +44 (0) 20 7637 0419

----------------------------------------------------------------------