cPanel TSR-2020-0002 Full Disclosure

cPanelPhilH

SEC-505



Summary


Bandwidth suspensions can be triggered remotely via mail log strings.

Security Rating

cPanel has assigned this vulnerability a CVSSv3 score of 5.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L).

Description

The regular expression patterns used to match bandwidth log lines in the mail log were not properly anchored. This allowed remote attackers to generate fake bandwidth consumption for an account.

Credits

This issue was discovered by the cPanel Security Team.

Solution

This issue is resolved in the following builds:
11.86.0.14
11.84.0.22
11.78.0.47



SEC-540



Summary


cPanel account backup leaks access to current working directory.

Security Rating

cPanel has assigned this vulnerability a CVSSv3 score of 2.2 (CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L).

Description

Access to the current working directory of the root user was leaked to unprivileged users when cPanel & WHM's backup scripts were executed.

Credits

This issue was discovered by the cPanel Security Team.

Solution

This issue is resolved in the following builds:
11.86.0.14
11.84.0.22
11.78.0.47



For the PGP-signed message, please see: http://news.cpanel.com/wp-content/uploads/2020/03/TSR-2020-0002.disclosure.signed.txt.
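
The class of bug described under SEC-505, as an added Python example that is not cPanel's code: an unanchored pattern credits bandwidth from text that merely appears inside a log line, while a fully anchored pattern only accepts lines that are accounting records from start to end. The log format, field names and sample lines are constructed assumptions and do not reflect cPanel's real mail log format.

```python
import re
from collections import defaultdict

# Constructed sample lines in a hypothetical format (an assumption for this example).
# Line 3 is a rejection record whose quoted field was supplied by the remote peer.
SAMPLE_LOG = """\
2020-03-01 10:00:01 bw user=alice bytes=2048
2020-03-01 10:00:02 bw user=bob bytes=512
2020-03-01 10:00:03 rejected HELO "bw user=alice bytes=900000000" from 203.0.113.7
2020-03-01 10:00:04 bw user=alice bytes=1024 trailing-junk
"""

# Weak: no anchors, so search() matches the accounting token anywhere in a line,
# including inside free text that a remote peer caused to be logged.
UNANCHORED = re.compile(r"bw user=([a-z0-9_]+) bytes=(\d+)", re.ASCII)

# Hardened: the entire line must be a timestamp followed by the record.
# \A and \Z are used instead of ^ and $ because $ also matches before a
# trailing newline; re.ASCII keeps \d from matching non-ASCII digits.
ANCHORED = re.compile(
    r"\A\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} "
    r"bw user=([a-z0-9_]+) bytes=(\d+)\Z",
    re.ASCII,
)


def tally(log_text, pattern):
    """Return (bytes per user, lines that did not match) for one pattern."""
    totals = defaultdict(int)
    skipped = []
    for line in log_text.splitlines():
        match = pattern.search(line)
        if match is None:
            skipped.append(line)  # keep for review instead of dropping silently
            continue
        user, count = match.group(1), int(match.group(2))
        totals[user] += count
    return dict(totals), skipped


if __name__ == "__main__":
    for name, pattern in (("unanchored", UNANCHORED), ("anchored", ANCHORED)):
        totals, skipped = tally(SAMPLE_LOG, pattern)
        print(name, totals, "skipped:", len(skipped))
```

Lines the anchored pattern skips are returned rather than discarded, so a spike in skipped lines that contain the accounting token can be alerted on.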