The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

[resolved] Possible Security Issue

Discussion in 'Security' started by logikstudios, May 16, 2007.

  1. logikstudios

    logikstudios Well-Known Member

    Joined:
    Nov 2, 2006
    Messages:
    158
    Likes Received:
    0
    Trophy Points:
    166
    Hey. I have just discovered a massive security in the CPANEL 10.9 software. This problem is in the BACKUP FEATURE. If you do remote ftp back onto the same account. It will put the file in the account home directory and it will have this type of stuff accountname:ROOTPASSWORD@serverhostname.com


    This is a major problem and needs to be fixed stright away.

    Thanks,

    Nathaniel
     
    #1 logikstudios, May 16, 2007
  2. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,277
    Likes Received:
    8
    Trophy Points:
    313
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Security issues should be emailed directly to security@cpanel.net so they can be addressed in a prompt manner.

    Remember, the cPanel Staff is not made aware of every thread posted here. While we attempt to assist those posting to the forum where appropriate - many threads may "fall through the cracks." It is for this reason (among many others) the forums are not an official means of communication and it is strongly encouraged that official communications with the cPanel Staff be handled through official channels rather than via the community forums.
     
    #2 cPanelDavidG, May 16, 2007
  3. logikstudios

    logikstudios Well-Known Member

    Joined:
    Nov 2, 2006
    Messages:
    158
    Likes Received:
    0
    Trophy Points:
    166
    Sorry about that. Can you please email them about this.

    Thanks,
    Nathaniel
     
    #3 logikstudios, May 16, 2007
  4. LP-Tim

    LP-Tim Active Member

    Joined:
    Apr 30, 2007
    Messages:
    26
    Likes Received:
    0
    Trophy Points:
    151
    Interesting.

    But why would you do remote FTP backup to the same account?
     
    #4 LP-Tim, May 16, 2007
  5. logikstudios

    logikstudios Well-Known Member

    Joined:
    Nov 2, 2006
    Messages:
    158
    Likes Received:
    0
    Trophy Points:
    166
    Because if you wanted to put it into a web directory where you could download it.
     
    #5 logikstudios, May 16, 2007
  6. DaveUsedToWorkHere

    DaveUsedToWorkHere Well-Known Member

    Joined:
    Dec 28, 2001
    Messages:
    689
    Likes Received:
    1
    Trophy Points:
    318

    I'm trying to get a grasp on this. You are sending all backups for a server to a specific account on the same server over ftp?

    What files contain root passwords? It's only account tarballs that are backed up. Here's a FTP backup to my account from the same server:

    Code:
    dave@server1 [~/cpbackup]# cd monthly/
dave@server1 [~/cpbackup/monthly]# ls
./   domain1.tar.gz       domain2.tar.gz   domain3.tar.gz   reseller.tar.gz
../  domain4.tar.gz  domain5.tar.gz  
dave@server1 [~/cpbackup/monthly]# cd ..
dave@server1 [~/cpbackup]# cd weekly/
dave@server1 [~/cpbackup/weekly]# ls
./   domain1.tar.gz       domain2.tar.gz   domain3.tar.gz   reseller.tar.gz
../  domain4.tar.gz  domain5.tar.gz  
dave@server1 [~/cpbackup/weekly]# cd ..
dave@server1 [~/cpbackup]# cd daily/
dave@server1 [~/cpbackup/daily]# ls
./   domain1.tar.gz       domain2.tar.gz   domain3.tar.gz   reseller.tar.gz
../  domain4.tar.gz  domain5.tar.gz
     
    #6 DaveUsedToWorkHere, May 16, 2007
  7. DaveUsedToWorkHere

    DaveUsedToWorkHere Well-Known Member

    Joined:
    Dec 28, 2001
    Messages:
    689
    Likes Received:
    1
    Trophy Points:
    318
    I did a grep -R "account:rootpass" * in my backup directory after extracting the archive and got no takers.


    Code:
    dave@server1 [~/cpbackup/daily]# tar -xzf reseller.tar.gz 
dave@server1 [~/cpbackup/daily]# cd reseller
root@server1 [/home/dave/cpbackup/daily/reseller]# grep -R "reseller:XXXX" *
root@server1 [/home/dave/cpbackup/daily/reseller]#
    XXXX intentionally obfuscated
     
    #7 DaveUsedToWorkHere, May 16, 2007
  8. LP-Tim

    LP-Tim Active Member

    Joined:
    Apr 30, 2007
    Messages:
    26
    Likes Received:
    0
    Trophy Points:
    151
    Yeah I'm not seeing it either.

    Not sure how this would be any different than backing up to a regular 'ole remote ftp server. Files is files, and ftp is ftp, eh?
     
    #8 LP-Tim, May 16, 2007
  9. zigzam

    zigzam Well-Known Member

    Joined:
    May 9, 2005
    Messages:
    206
    Likes Received:
    0
    Trophy Points:
    166
    I can not duplicate this on any of my servers.
     
    #9 zigzam, May 16, 2007
  10. logikstudios

    logikstudios Well-Known Member

    Joined:
    Nov 2, 2006
    Messages:
    158
    Likes Received:
    0
    Trophy Points:
    166
    Found the problem, I was logged into that account as root. Came from root WHM to the cpanel account.

    Thanks,
     
    #10 logikstudios, May 16, 2007
  11. DaveUsedToWorkHere

    DaveUsedToWorkHere Well-Known Member

    Joined:
    Dec 28, 2001
    Messages:
    689
    Likes Received:
    1
    Trophy Points:
    318
    I'm changing this thread's title as it is not valid
     
    #11 DaveUsedToWorkHere, May 17, 2007
(You must log in or sign up to post here.)
Loading...
Similar Threads - [resolved] Possible Security
  1. VMunich

    Is it possible to whitelist command/programs to be used by shell_exec?

    VMunich, Jul 3, 2017, in forum: Security
    Replies:
    4
    Views:
    83
    quizknows
    Jul 4, 2017
  2. Dave__W

    Global Wildcard Email Filter Possible?

    Dave__W, Jun 29, 2017, in forum: E-mail Discussions
    Replies:
    4
    Views:
    100
    Dave__W
    Jun 29, 2017
  3. Killy123

    Is it possible to add redirect to domain with cPanel API?

    Killy123, Jun 15, 2017, in forum: cPanel Developers
    Replies:
    4
    Views:
    135
    cPanelMichael
    Jul 20, 2017 at 10:21 AM
  4. Luca Sartori

    Use WHM as nameserver, risk and possible issue

    Luca Sartori, May 31, 2017, in forum: Bind / DNS / Nameserver Issues
    Replies:
    5
    Views:
    173
    cPanelMichael
    Jun 5, 2017
  5. Soeren E

    Possible to disable the mails boxtrapper sends?

    Soeren E, May 29, 2017, in forum: E-mail Discussions
    Replies:
    2
    Views:
    115
    cPanelMichael
    May 30, 2017

Share This Page