Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

slight security problem... root access...

Discussion in 'Security' started by Curto, Dec 10, 2003.

  1. Curto

    Curto Active Member

    Joined:
    Sep 4, 2003
    Messages:
    40
    Likes Received:
    0
    Trophy Points:
    156
    Location:
    NY, USA
    OK,

    I think I've found a bug...

    I was just logging into WHM (I am root) and accidentally put 'rot' as the username and put the correct password... and I noticed it just as I pressed enter.

    But... it worked... I logged in as root, without using the root username.

    What would happen if by chance a user on my system had the same password... and they misspelt their username, would they get root access???

    Maybe this should be a priority for the next update.

    My server is running:
    WHM 8.5.4 cPanel 8.5.4-R72
    RedHat 9 - WHM X v2.1.1

    I just tried it on another server of mine by putting 'anything' as the username... and it worked.

    My login was not cached as I'd only just booted up my desktop pc, and my browser is set to not remember passwords or usernames.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. Curto

    Curto Active Member

    Joined:
    Sep 4, 2003
    Messages:
    40
    Likes Received:
    0
    Trophy Points:
    156
    Location:
    NY, USA
    I have reported this bug as # 31972

    I sure hope they fix this quickly... maybe they could offer ip-restrictions so root access can only be from a list or range of ip addresses too...

    cPanel.net Support Ticket Number: 31972
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. PWSowner

    PWSowner Well-Known Member

    Joined:
    Nov 10, 2001
    Messages:
    2,948
    Likes Received:
    4
    Trophy Points:
    343
    Location:
    ON, Canada
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. Curto

    Curto Active Member

    Joined:
    Sep 4, 2003
    Messages:
    40
    Likes Received:
    0
    Trophy Points:
    156
    Location:
    NY, USA
    Oh well...
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice