Interworx – Content Disclosure (Root Access) #2 (R911-0011)

Type: Content Disclosure (Root Access)
Impact: High
Product: InterWorx
Vulnerable Version: v4.11.6 and v5.0.5
Fixed Version: v4.11.6 #473 and v5.0.5 #513
CVE: -
R911: 0011
Date: 2013-05-28

Product Description:

The InterWorx control panel is a Linux based dedicated server and VPS web control panel. It is feature rich for both the system administrator and website administrator. Supports software-based load balancing and clustering via a web interface.

Vulnerability Description:

The makemime binary (maildrop) has incorrect file permissions that makes it possible for an attacker to use a hardlink (ln) to sensitive files that could ultimately lead to a root compromise.

Proof of Concept:

Due to the nature of this vulnerability we are withholding the proof of concept until a later date to allow everyone ample time to update their software.


We have deemed this vulnerability to be rated as HIGH due to the fact that any file can be viewed regardless of ownership, including root files such as /etc/shadow and any private SSH keys.

Vulnerable Version:

This vulnerability was tested against InterWorx v4.11.6 + v5.0.5 BETA and is believed to exist in all prior versions.

Fixed Version:

This vulnerability was patched in InterWorx v4.11.6 #473 + v5.0.5 #513.

Vendor Contact Timeline:

2013-05-05: Vendor contacted via email.
2013-05-05: Vendor confirms vulnerability.
2013-05-20: Vendor issues v4.11.6 #473 update.
2013-05-20: Vendor issues v5.0.5 #513 update.
2013-05-28: Rack911 issues security advisory.