The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Security issues on Proftp on R-113

Discussion in 'Security' started by speckados, Nov 12, 2004.

  1. speckados

    speckados Well-Known Member

    Joined:
    May 21, 2003
    Messages:
    291
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Acequias :: Granada :: España
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    WHM 9.9.8 cPanel 9.9.8-R113 Fedora i686 - WHM X v3.1.0

    With original config of proftpd, abny user (jailshelo r normal shell) anby user got to kiktchen (/root, /etc/ /home) and download, see all files with temerary permissions.

    DefaultRoot ~ !wheel // <<< That it's wrong
    If change to DefaultRoot ~
    User are chrooted
     
    #1 speckados, Nov 12, 2004
    Last edited: Nov 12, 2004
  2. Aric1

    Aric1 Well-Known Member

    Joined:
    Oct 15, 2003
    Messages:
    324
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    DataCenter Provider
  3. speckados

    speckados Well-Known Member

    Joined:
    May 21, 2003
    Messages:
    291
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Acequias :: Granada :: España
    cPanel Access Level:
    DataCenter Provider
    Twitter:
  4. Aric1

    Aric1 Well-Known Member

    Joined:
    Oct 15, 2003
    Messages:
    324
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    DataCenter Provider
    Update your post above with the link to the bug you submitted when you get a chance. It increases your chances. :)
     
  5. nickn

    nickn Well-Known Member
    PartnerNOC

    Joined:
    Jun 15, 2003
    Messages:
    619
    Likes Received:
    1
    Trophy Points:
    18
  6. speckados

    speckados Well-Known Member

    Joined:
    May 21, 2003
    Messages:
    291
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Acequias :: Granada :: España
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    On every server I've a user with normal permission (no whell user, jailshell) for testing, problems: Mail, ftp, and other issues
     
Loading...

Share This Page