Type: Arbitrary File Overwrite
Vulnerable Version: v1.43
Fixed Version: v1.44
DirectAdmin is a graphical, web-based hosting control panel designed to make website administration easier.
A flaw in its backup system allows an attacker to overwrite any file on the server, including root-owned files, which could ultimately render the server inoperable.
Proof of Concept:
Due to the nature of this security flaw, we will not be posting a Proof of Concept until a much later date.
We rate this vulnerability HIGH because a normal (unprivileged) user can render a server inoperable.
This vulnerability was tested against DirectAdmin v1.43 and is believed to exist in all prior versions.
This vulnerability was patched in DirectAdmin v1.44.
Vendor Contact Timeline:
2013-06-22: Vendor contacted via email.
2013-06-22: Vendor confirms vulnerability.
2013-09-26: Vendor issues v1.44 update.
2013-10-07: Rack911 issues security advisory.