Newer Cpanel Sploit

by admin

Tuesday, June 8th, 2004 at 9:45 pm

posted by pingywon
..:::UPDATE:::..
Look at bottom of post for new updates

There is a rather (not completely) new Cpanel exploit which will compromise Linux/Apache boxes (imagine that – IIS actually not being affected)

.:read Fullnews for story and link:.
:CpanelSploit:.

SEVERITY:

High, Arbitrary Execution as Arbitrary User

PROBLEM DESCRIPTION:

Flaws in how Apache’s suexec binary has been patched by cPanel when configured for mod_php, in conjunction with cPanel’s creation of some Perl scripts that are not taint clean, allow for any user to execute arbitrary code as any other user with uid above UID_MIN (uid >= 100).

IMPACT:

Unfortunately, cPanel comes with mod_php installed by default, so all systems are vulnerable right out of the box. Any local user can compromise the whole system.

SYSTEMS AFFECTED:

All systems where Apache has been compiled WITHOUT mod_phpsuexec (most systems using cPanel software) are vulnerable. Those configurations that compiled Apache WITH mod_phpsuexec are NOT VULNERABLE.

Apache versions 1.3.31 and below are VULNERABLE.

All cPanel versions (STABLE, RELEASE, CURRENT, and EDGE) up through and including 9.3.0-EDGE_95 are VULNERABLE.

RedHat 7.3, 8.0, 9, and Enterprise Linux, Fedora, and FreeBSD OS have been verified vulnerable. All others are probably vulnerable too.

PROOF OF CONCEPT:

See top of post for php download

~pingywon ya heard it here second
