

Security issue with web hosting




Posted by paul_42, 11-30-2010, 05:33 AM
Hello everyone, I just wanted your opinion on a specific security issue I encountered concerning the web hosting company I've subscribed to.

This company provides an HTML administrative interface on which each user has a single administrative account to manage ALL of their websites registered with this hoster. This includes management of SSH accounts, FTP accounts, email addresses, as well as some parts of the domain name management... So, this is a pretty critical point of failure.

The various administrative consoles are loaded into iframes from a third-party server. This third-party server sets a third-party cookie in addition to the one that is set by the administrative interface itself. The problem is that this third-party cookie is not cleared when you log out from the interface, only the admin interface cookie. So, you return to the login screen of the administrative interface (apparently unauthenticated), but you can still access the iframe consoles with full rights granted, as long as you don't close your browser or manually clear your cookies. The only thing you have to do is get a URL from the browser cache and replay it (the URL is partly auto-generated, so you have to get it either from the cache or from the source of an open page) to access the iframe in which the administrative console was.

This issue is not really hard to find. You can easily get some hints about it, since you will encounter problems with all the browsers that (wisely) don't accept third-party cookies by default, like Safari.

So, basically, what we have here is an administrative interface that keeps you silently logged in after you have explicitly requested a logout.

I have two questions on this topic:

- Do you have any advice on how I can put pressure on my web host to do something to fix this? (They have silently ignored my mail so far.) I know the risk, and I'll be careful. But others may not have this luck.
- How would you rate the security risk? Non-critical? Severe?

Do you think I overreact? Your feedback would be deeply appreciated.

Paul
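The logout defect Paul describes, modelled as an added Python example (not code from the thread or from the hoster): two session stores stand in for the admin interface and the third-party iframe server, the broken logout only drops the admin cookie client-side, and the fixed logout revokes both sessions server-side so a replayed console URL no longer authenticates. All names and the session layout are assumptions.

```python
import secrets
from dataclasses import dataclass, field


@dataclass
class SessionStore:
    """Server-side session table: token -> user (assumed layout)."""
    sessions: dict = field(default_factory=dict)

    def create(self, user: str) -> str:
        token = secrets.token_urlsafe(32)
        self.sessions[token] = user
        return token

    def lookup(self, token):
        return self.sessions.get(token)

    def revoke(self, token) -> None:
        self.sessions.pop(token, None)


ADMIN = SessionStore()    # the hoster's admin interface
CONSOLE = SessionStore()  # the third-party server that serves the iframes
LINKED = {}               # admin token -> console token minted at the same login


def login(user: str) -> dict:
    """Returns the browser's cookie jar: both cookies are set on login."""
    admin_tok = ADMIN.create(user)
    console_tok = CONSOLE.create(user)
    LINKED[admin_tok] = console_tok
    return {"admin_sid": admin_tok, "console_sid": console_tok}


def logout_broken(jar: dict) -> dict:
    """The behaviour in the thread: only the admin cookie is cleared, nothing is
    revoked server-side, so the console session stays valid."""
    jar.pop("admin_sid", None)
    return jar


def logout_fixed(jar: dict) -> dict:
    """Revoke both sessions server-side and drop both cookies from the jar."""
    admin_tok = jar.pop("admin_sid", None)
    console_tok = LINKED.pop(admin_tok, None)
    ADMIN.revoke(admin_tok)
    CONSOLE.revoke(console_tok)
    jar.pop("console_sid", None)
    return jar


def console_session_still_valid(console_tok: str) -> bool:
    """Check a logout does its job: does a cached console token still authenticate?"""
    return CONSOLE.lookup(console_tok) is not None
```

Running `console_session_still_valid` on the token captured before logout is the check a tester would use to confirm the fix: it must be `True` after `logout_broken` and `False` after `logout_fixed`.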

Posted by cpanellover, 11-30-2010, 11:41 AM
Hello, I would rate this as "HIGH RISK". Why? Because they are 99% sure open to XSS (Cross Site Scripting) holes. This also depends on how they validate user input, but it's a high risk. On your own you can't do very much about it; try to convince some fellow customers. If more people start to complain, they will listen sooner or later...

Posted by M Bacon, 11-30-2010, 12:05 PM
Who is your webhost? Do they have a custom control panel?


