

cPanel - Content Manipulation Vulnerability (R911-0041)




Posted by Steven, 07-18-2013, 10:26 PM
Product Description: cPanel is an easy-to-use control panel that gives web hosts and the website owners they serve the ability to quickly and easily manage their servers and websites. Web Host Manager (WHM) is a part of the cPanel software, often used by resellers and system administrators.

Vulnerability Description: There is a flaw within WHM that allows an attacker to add, delete and/or modify any DNS zone on the server. The end result is that an attacker would be able to hijack a domain hosted on the same server, or on the DNS cluster if one is used.

Proof of Concept: Due to the nature of this security flaw, we will not be posting a Proof of Concept until a much later date.

Impact: We have deemed this vulnerability to be rated as HIGH due to the fact that any DNS zone can be modified.

Vulnerable Version: This vulnerability was tested against cPanel 11.38.1.5 and is believed to exist in all versions prior to the fixed builds below.

Fixed Version: This vulnerability was patched in cPanel 11.39.0.5, 11.38.1.13, 11.36.1.15, 11.34.1.25.

Vendor Contact Timeline:
2013-06-27: Vendor contacted via email.
2013-06-27: Vendor confirms vulnerability.
2013-07-15: Vendor issues updates to all builds.
2013-07-18: Rack911 issues security advisory.
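For administrators auditing a fleet against the fixed builds listed above, the following Python is an added example, not part of the Rack911 advisory or of cPanel's code. It compares a four-part cPanel version string with the fixed build for its release branch; the function names and the sample inventory are hypothetical and constructed for illustration.

```python
# Fixed builds named in the advisory, keyed by (major, minor) release branch.
FIXED_BUILDS = {
    (11, 34): (11, 34, 1, 25),
    (11, 36): (11, 36, 1, 15),
    (11, 38): (11, 38, 1, 13),
    (11, 39): (11, 39, 0, 5),
}

def parse_version(text):
    """Turn '11.38.1.5' into (11, 38, 1, 5); reject anything else."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a four-part cPanel version: {text!r}")
    return tuple(int(p) for p in parts)

def classify(version_text):
    """Return 'patched', 'vulnerable' or 'unlisted' for one version string."""
    version = parse_version(version_text)
    branch = version[:2]
    fixed = FIXED_BUILDS.get(branch)
    if fixed is not None:
        return "patched" if version >= fixed else "vulnerable"
    if branch > max(FIXED_BUILDS):
        # Newer branch than any in the advisory: not covered by it, so
        # confirm against the vendor's release notes instead of guessing.
        return "unlisted"
    # Older or in-between branch with no fixed build named: the advisory
    # says the flaw is believed to exist in all versions before the fixes.
    return "vulnerable"

def audit(inventory):
    """Map each host to a status; unparseable versions are flagged, not skipped."""
    report = {}
    for host, version_text in inventory.items():
        try:
            report[host] = classify(version_text)
        except ValueError:
            report[host] = "unparseable"
    return report

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = {"web01": "11.38.1.5", "web02": "11.38.1.13", "web03": "11.36.1.14",
          "web04": "11.32.6.3", "web05": "11.40.0.2", "web06": "unknown"}

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(f"{host}: {status}")
```

On a cPanel server the installed version string can be read from /usr/local/cpanel/version and passed to `classify`.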


