spareknet.org
Customized CPanel Solutions / Server Administration

cPanel exploit - 09/23/06

Update - 09/26/06

New patch has been released:

http://layer1.cpanel.net/installer/sec092506.pl

A new thread has also been opened concerning this:

http://forums.cpanel.net/showthread.php?t=58134

A cPanel exploit has been discovered that apparently allows normal users to escalate their privileges. It is a local exploit, which means an attacker must first have a cPanel account, or be able to gain access to one, before the exploit can be used. cPanel developers have released a patch to prevent this for now, and from my understanding they are continuing to check over other pieces of code, so a more robust patch may be released at a later time.

Administrators are encouraged to update cPanel by running:

/scripts/upcp

on their servers. This will apply patches to the affected system.

Also, a script has been written by Nick from cPanel that checks to ensure that your system is patched against this. The script can be downloaded from the thread at:

http://forums.cpanel.net/showpost.php?p=272643&postcount=65

Or, I have made this script locally available at:

cpanel_exp_check_09_24_06.pl

To run the script, download it to your server and run it with Perl:

perl cpanel_exp_check_09_24_06.pl

More information concerning this exploit is available at the cPanel forums:

http://forums.cpanel.net/showthread.php?t=58090