Cpanel advisory

2005-12-11T00:00:00
ID SECURITYVULNS:DOC:10589
Type securityvulns
Reporter Securityvulns
Modified 2005-12-11T00:00:00

Description

Advisory #2
$ Title: Cpanel demo account
$ Author: UserMaster
$ Contact: usermaster@gmal.com
$ Date: Sunday, 5, 2005
$ Website: http://defacersecurity.com
$ Risk: Medium
$ Vendor URL: http://cpanel.net/

$ Affected Software: All builds on all platforms are vulnerable up to and including (9.1.0 build 34).

Note: Sorry if it has been notified before.

-= Description =-

Cpanel ships with an open ftp/cpanel account called cpdemo or demo. This can be very dangerous to a server, because the demo account includes an ftp account that a malicious attacker may use to hack the server.

http://cpanel.net/


-= Vulnerabilities =-

  • "Cpanel demo account"

The vulnerability is that Cpanel has, by default, an open ftp/cpanel account called demo or cpdemo, which an attacker may use to hack into a server by uploading a php shell or other tools.


This is just an example of what a malicious attacker can do:

http://thesonichost.com/~cpdemo/


Example

-= How to FIX =-

They may disable the ftp account for demo mode in cpanel.
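As an added defensive check (not from the advisory), a small POSIX shell audit that reports whether the demo or cpdemo account named above still exists on a host and is not yet denied FTP access. It assumes the FTP daemon honours an ftpusers-style deny list (one user name per line) and uses constructed sample files so it runs offline.

```shell
#!/bin/sh
# Added audit helper (not part of the advisory): report demo accounts that
# still exist on a host and are not denied FTP access.
# Assumptions: the FTP daemon honours an ftpusers-style deny list (one user
# name per line) as vsftpd/proftpd do; the account names come from the
# advisory; file paths are passed in so the check can run on copies offline.

# audit_demo_accounts PASSWD_FILE FTPUSERS_FILE
# Prints each of the advisory's demo accounts (demo, cpdemo) that exists in
# PASSWD_FILE and is absent from FTPUSERS_FILE, one per line.
# Returns 1 when at least one such account was found, 0 otherwise.
audit_demo_accounts() {
  passwd_file=$1
  ftpusers_file=$2
  found=0
  for user in demo cpdemo; do
    # Skip names that have no account at all.
    grep -q "^${user}:" "$passwd_file" || continue
    # Skip accounts already denied FTP (exact whole-line match).
    grep -qx "$user" "$ftpusers_file" 2>/dev/null && continue
    echo "$user"
    found=1
  done
  return "$found"
}

# Constructed sample data for offline use: cpdemo exists and is not denied
# FTP, demo exists but is listed in the deny file, alice is a normal user.
make_samples() {
  dir=$(mktemp -d)
  cat > "$dir/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
demo:x:1001:1001:Cpanel demo:/home/demo:/bin/bash
cpdemo:x:1002:1002:Cpanel demo:/home/cpdemo:/bin/bash
alice:x:1003:1003:Alice:/home/alice:/bin/bash
EOF
  printf 'demo\n' > "$dir/ftpusers"
  echo "$dir"
}

# Stand-alone run against the constructed samples; on a real host you would
# pass /etc/passwd and your FTP daemon's deny list instead.
sample_dir=$(make_samples)
if ! audit_demo_accounts "$sample_dir/passwd" "$sample_dir/ftpusers"; then
  echo "demo account(s) listed above still have FTP access" >&2
fi
```

On a live server, a listed account is the signal to remove it or add it to the deny list before an attacker finds it.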

-= Contact =-

UserMaster

UserMaster (at) gmail (dot) com

http://www.defacersecurity.com


Greetz: Efacing, Nav, 0k4r, IWol, Megabyte, Unkown_err0r, The_Analyzer, Su_r00t, Makoki, Utech, RedPoint.