I reported this bug on 2006-06-09 ! http://bugzilla.cpanel.net/show_bug.cgi?id=4282 I was not released the bug because the vendor doesnt released the patch . With regards, http://securitynews.ir/ > discovery by the staff of http://MexHackTeam.org