Title: cPanel Remote Backup Information Disclosure Vulnerability
Severity: HIGH
Description:
cPanel is a multi-platform web hosting control panel that allows a user to manage their hosted account through a web-based interface. It is available for Unix and Linux variants.
It is reported that cPanel is susceptible to an information disclosure vulnerability in its remote backup function.
cPanel's web interface allows users to download complete backups of their hosted environment. This backup function produces a compressed tar file that contains a recursive copy of all files in the user's home directory. It is conjectured that this backup function operates with superuser privileges.
Unix platforms allow users to make hard links to files they cannot read and/or do not own. The only requirement is that they have write access to the destination directory. This allows users to create hard links to any file located in the same slice as their home directory. Once the hard link is created in the user's home directory, the backup function will include the contents of the file in the archive. The user downloads the backup archive and then has access to the potentially sensitive files to which they created hard links.
Attackers can reportedly exploit this vulnerability to retrieve the contents of potentially sensitive files located in the same slice as their home directory. This may aid them in further attacks.
Version 9.4.1-RELEASE-64 of cPanel was reported vulnerable. Other versions may also be affected.
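The check below is an added example, not code from cPanel or from the original advisory: it shows how a backup job running with superuser privileges could detect and skip the hard links described above. The function names and the rule used (regular file, link count above one, owner different from the account) are assumptions made for illustration.

```python
import os
import stat
import tarfile

def is_foreign_hardlink(st, owner_uid):
    # Regular file, more than one directory entry, not owned by the account:
    # the state left behind when someone else's file is linked into the home.
    return stat.S_ISREG(st.st_mode) and st.st_nlink > 1 and st.st_uid != owner_uid

def find_foreign_hardlinks(home, owner_uid):
    """Return sorted paths under `home` that a privileged backup should skip."""
    flagged = []
    for dirpath, _dirs, files in os.walk(home):  # os.walk does not follow symlinks
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)              # lstat: never dereference a symlink
            except OSError:
                continue                         # entry vanished during the scan
            if is_foreign_hardlink(st, owner_uid):
                flagged.append(path)
    return sorted(flagged)

def write_backup(home, owner_uid, archive_path):
    """Archive the files in `home` as tar.gz, skipping flagged files.

    `archive_path` must be outside `home`. Returns the skipped paths.
    """
    skipped = set(find_foreign_hardlinks(home, owner_uid))
    with tarfile.open(archive_path, "w:gz") as tar:
        for dirpath, _dirs, files in os.walk(home):
            for name in files:
                path = os.path.join(dirpath, name)
                if path not in skipped:
                    arcname = os.path.relpath(path, home)
                    tar.add(path, arcname=arcname, recursive=False)
    return sorted(skipped)

if __name__ == "__main__":
    import sys
    home = sys.argv[1]
    owner = os.stat(home).st_uid  # assumption: the account owns its home directory
    for p in find_foreign_hardlinks(home, owner):
        print("foreign hard link:", p)
```

The scan and the archive step are separate passes, so a user who can modify the tree while the backup runs can still race the check; running the archiver under the account's own uid removes the problem at the source.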
Affected Products:
- cPanel cPanel 9.4.1 -R64