Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

cPanel 11.x => List Directories and Folders

From: xx_hack_xx_2004 () hotmail com
Date: 18 Mar 2008 13:21:22 -0000
Hello,, 

I Discovered a new bug in cPanel to show the directions (Folders Only) on the server

in Disk Usage part

for example, I tried to see the folders in /etc

and it worked !

that would show you a list of directions of folders

and that including programes on the server, this could be dangerous !

the attacker may use the exploit to see programes on the server and find bugs for them 

also you may see the directions of backups in the server

also you have the permission to see the folders in other websites on the server which is been protected by firewall


tested on / cPanel version 11.18.3

to see more information & Exploits for this bug /

http://www.lezr.com/exploits/id/156

Discovered by Linux_Drox

Best Regards,,

L-G-H TEAM

LeZr.Com Group : The Arab Center For Pirates
www.LeZr.Com
Previous By Date Next
Previous By Thread Next

Current thread: