cPanel TSR-2015-0001 Full Disclosure

C

cPanel

Guest
cPanel TSR-2015-0001 Full Disclosure SEC-1 Summary Arbitrary code could be executed as other accounts with RUID2/ITK enabled. Security Rating cPanel has assigned this vulnerability a CVSSv2 score of 4.9 (AV:N/AC:M/Au:S/C:p/I:p/A:N) Description The WHM “Apache mod_userdir Tweak” interface incorrectly allowed the exclusion of specific users from userdir protection when mod_ruid2 or …

Continue reading...
 
Top