Cpanel Path Disclosure Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Cpanel Path Disclosure Vulnerability
From: Silversmith@xxxxxxxxxxxx
Date: 7 Mar 2006 16:48:31 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Cpanel hsa the vulnerability to discover the path of the files

exp:

loginto your cpanel account
goto fantastico
try to install one of the scripts ! exp: 4images
if the server set a permission on the /tmp , cpanel tmp files yuo should see 
this 

Warning: main(/home/userid/public_html/fantversion.php): failed to open stream: 
Permission denied in /tmp/cpanel_phpengine.1141746169.139471667.34290848584 on 
line 360

Warning: main(): Failed opening '/home/userid/public_html/fantversion.php' for 
inclusion (include_path='/usr/local/cpanel/3rdparty/lib/php/:.') in 
/tmp/cpanel_phpengine.1141746169.139471667.34290848584 on line 360

Warning: fopen(/home/cpanel/.fantasticodata/soholaunch.cache): failed to open 
stream: Permission denied in 
/tmp/cpanel_phpengine.1141746169.139471667.34290848584 on line 298


Ashiyane Digital Security Team

Prev by Date: Re: Various router DoS
Next by Date: Re: [Full-disclosure] Mozilla Thunderbird : Multiple Information Disclosure Vulnerabilities
Previous by thread: IM Lock 2006 - Insecure Registry Permission Vulnerability
Next by thread: Purple Paper: Exegesis Of Virtual Hosts Hacking
Index(es):
- Date
- Thread