Cpanel Request Lets Authenticated Users Conduct Cross-Site Scripting Attacks

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Cpanel Request Lets Authenticated Users Conduct Cross-Site Scripting Attacks
From: Fable <fable@xxxxxxxx>
Date: 12 Mar 2004 04:47:30 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm


####################################################
#Advisory Name: Cpanel Request Lets Authenticated Users Conduct Cross-#Site 
Scripting Attacks
#Discovered by: Fable
#Greets: 0x29A Crew, !AM Crew, Atomix, d3thstar, mgrd, rootthief.com.
#Versions: ??
####################################################

###Description###

cPanel & WebHost Manager (WHM) is a next generation web hosting control panel 
system. Both cPanel & WHM are extremely feature rich as well as include an easy 
to use web based interface.

###vulnerability Description###

Authenticated users are able to run cross-site scripting attacks. I noticed 
this vulnerability when trying to password protect a dictory. Here is an 
example of how you could run script on the cpanel server

http://targetserver.com:2082/frontend/x/htaccess/dohtaccess.html?dir=>&lt;script&gt;alert(0x29A
 Crew)&lt;/script&gt;

You are able to run all sorts of HTML on the target server, iframes, ect. 

-Fable [fable@xxxxxxxx]

Prev by Date: [OpenPKG-SA-2004.006] OpenPKG Security Advisory (uudeview)
Next by Date: Metamail 'extcompose' script Symlink Vulnerability
Previous by thread: [OpenPKG-SA-2004.006] OpenPKG Security Advisory (uudeview)
Next by thread: Metamail 'extcompose' script Symlink Vulnerability
Index(es):
- Date
- Thread