Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

melange vulnerability

Discussion in 'General Discussion' started by Lem0nHead, Jun 16, 2004.

  1. Lem0nHead

    Lem0nHead Well-Known Member

    Sep 2, 2003
    Likes Received:
    Trophy Points:
    not a cpanel vulnerabilty, but cpanel has Melange chat server actived by default

    try to login (telnet?) to port 6666 of your server

    do you get >> Melange Chat Server (Version 1.10), Apr-25-1999?

    this program has a bug

    i didn't investigate it very much, but it's possible to change the EIP (pointer to program code) to somewhere else, maybe getting to run some program the ab(user) wants

    as far as i went, that's a not severe vulnerability, since this program is runned by 'nobody' user
    not a big deal, but yet a vuln ;)

    no patch is available yet, so if you think you can be affected by that, disable connections to port 6666 on your server

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice