cPanel – Content Manipulation (R911-0021)

Type: Content Manipulation
Impact: High
Product: cPanel
Website: http://www.cpanel.net
Vulnerable Version: All versions prior to the fixed builds below.
Fixed Version: 11.38.0.15, 11.36.1.8, 11.34.1.18 & 11.32.6.7.
CVE: -
R911: 0021
Date: 2013-06-11
By: http://www.rack911.com

Product Description:

cPanel is an easy-to-use control panel that gives web hosts and the website owners they serve, the ability to quickly and easily manage their servers and websites. Web Host Manager (WHM) is a part of the cPanel software, often used by resellers and system administrators.

Vulnerability Description:

There is a flaw within WHM that allows an attacker to access a file used by the locale function that would allow them to modify certain content and possibly elevate privileges.

Proof of Concept:

Due to the nature of this security flaw, we will not be posting a Proof of Concept until a much later date.

Impact:

We have deemed this vulnerability to be rated as HIGH due to the fact that root owned content can be modified.

Vulnerable Version:

This vulnerability was tested against cPanel (WHM) v11.36.1.5 and v11.38.0.13 and is believed to exist in all prior versions.

Fixed Version:

This vulnerability was patched in cPanel v11.38.0.15, v11.36.1.8, v11.34.1.18 & v11.32.6.7.

Vendor Contact Timeline:

2013-05-16: Vendor contacted via email.
2013-05-17: Vendor confirms vulnerability.
2013-06-05: Vendor issues updates to all builds.
2013-06-11: Rack911 issues security advisory.