[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] SolusVM WHMCS module privilege escalation, also libcurl vuln?

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] SolusVM WHMCS module privilege escalation, also libcurl vuln?
From: Sven Slootweg <admin@xxxxxxxxx>
Date: Sun, 23 Jun 2013 22:07:57 +0002

Ran across a new post on a blog I frequently visit:http://localhost.re/p/solusvm-whmcs-module-316-vulnerability

It describes a privilege escalation vulnerability in the WHMCS modulefor SolusVM that basically lets you do anything, but if I'm reading itcorrectly, it appears to be a result of a vulnerability - or at thevery least weakness - in the implementation of libcurl; in particular,weak randomness in generating the form boundary.


Thoughts?

Note: I'm not the author of this exploit (it's actually quite a bitbeyond my capabilities), I just ran across it and decided to post heresince it doesn't seem to be discussed anywhere. Just to avoid peoplemaking incorrect assumptions... again :)


- Sven Slootweg

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] SolusVM WHMCS module privilege escalation, also libcurl vuln?
  - From: Źmicier Januszkiewicz

Prev by Date: [Full-disclosure] HKSAR Government issues statement on Edward Snowden
Next by Date: Re: [Full-disclosure] SolusVM WHMCS module privilege escalation, also libcurl vuln?
Previous by thread: [Full-disclosure] HKSAR Government issues statement on Edward Snowden
Next by thread: Re: [Full-disclosure] SolusVM WHMCS module privilege escalation, also libcurl vuln?
Index(es):
- Date
- Thread