InterWorx – SiteWorx MySQL Password Disclosure Vulnerability (R911-0129)

Type: Password Disclosure
Location: Local
Impact: High
Product: InterWorx
Website: http://www.interworx.com
Vulnerable Version: v5.0.12 #569
Fixed Version: v5.0.13 #574
CVE: -
R911: 0129
Date: 2014-02-20
By: Rack911

Product Description

The InterWorx control panel is a Linux-based web control panel for dedicated servers and VPSs. It is feature-rich for both the system administrator and the website administrator, and supports software-based load balancing and clustering via a web interface.

Vulnerability Description

A malicious SiteWorx user can obtain the MySQL password of the ‘iworx’ database user by executing a carefully crafted shell command while performing various tasks within SiteWorx.

Impact

We rate this vulnerability HIGH because customer databases are held under the ‘iworx’ MySQL user, so disclosure of that user's password gives the attacker access to every customer database on the server.

Vulnerable Version

This vulnerability was tested against InterWorx v5.0.12 #569 and is believed to exist in all prior versions.

Fixed Version

This vulnerability was patched in InterWorx v5.0.13 #574.
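As an added example (not part of the Rack911 advisory and not InterWorx's own tooling), the POSIX shell function below decides whether an InterWorx version string such as "v5.0.12 #569" falls in the affected range described above, i.e. anything older than the fixed release v5.0.13 #574. It assumes the operator supplies the version string as an argument (how you read it from a given server is not covered here); the sample inputs in the block are constructed for illustration.

```sh
#!/bin/sh
# Added example: classify an InterWorx version string against the advisory's
# fixed release (v5.0.13 #574). Not from the advisory or from InterWorx.
#
# Usage:  iworx_is_vulnerable "v5.0.12 #569"
# Exit status: 0 = vulnerable (older than v5.0.13 #574)
#              1 = fixed (v5.0.13 #574 or newer)
#              2 = version string could not be parsed

FIXED_MAJOR=5
FIXED_MINOR=0
FIXED_PATCH=13
FIXED_BUILD=574

iworx_is_vulnerable() {
    # Accept "v5.0.12 #569", "5.0.12#569" or a bare "5.0.12" (build optional).
    iworx_ver=$(printf '%s' "$1" | sed -n \
        's/^v\{0,1\}\([0-9][0-9]*\)\.\([0-9][0-9]*\)\.\([0-9][0-9]*\)[[:space:]]*#\{0,1\}\([0-9]*\).*/\1 \2 \3 \4/p')
    [ -n "$iworx_ver" ] || return 2

    # Word-split the "major minor patch build" string into positional parameters.
    set -- $iworx_ver
    iworx_major=$1; iworx_minor=$2; iworx_patch=$3; iworx_build=${4:-0}

    # Pack major.minor.patch into one integer so a single comparison suffices
    # (assumes each component stays below 1000).
    iworx_num=$((iworx_major * 1000000 + iworx_minor * 1000 + iworx_patch))
    fixed_num=$((FIXED_MAJOR * 1000000 + FIXED_MINOR * 1000 + FIXED_PATCH))

    # Any release before 5.0.13 is affected ("all prior versions").
    [ "$iworx_num" -lt "$fixed_num" ] && return 0
    # 5.0.13 itself is only fixed from build #574 onward; a missing build
    # number is treated conservatively as an earlier build.
    [ "$iworx_num" -eq "$fixed_num" ] && [ "$iworx_build" -lt "$FIXED_BUILD" ] && return 0
    return 1
}

# Constructed sample version strings for demonstration.
for sample in "v5.0.12 #569" "v5.0.13 #574" "v4.9.0 #400" "v5.0.13" "not-a-version"; do
    if iworx_is_vulnerable "$sample"; then
        echo "$sample: VULNERABLE (update to v5.0.13 #574 or later)"
    elif [ $? -eq 2 ]; then
        echo "$sample: could not parse version string"
    else
        echo "$sample: fixed"
    fi
done
```

The build number is only consulted when the release is exactly 5.0.13, since the advisory identifies #574 as the first fixed build of that release; for any other release the major.minor.patch comparison alone decides.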

Vendor Contact Timeline

2014-01-27: Vendor contacted via email.
2014-01-17: Vendor confirms vulnerability.
2014-02-19: Vendor issues update.
2014-02-20: Rack911 issues security advisory.