Dannn
Registered, PartnerNOC
Joined Mar 21, 2014
cPanel Access Level: Website Owner
Good afternoon,

First of all, sorry for any possible mistakes in my communication.

My cPanel website has been tested by an audit company in order to gain a license for our business.

This test checks for different security vulnerabilities that a website or a server has.

Sadly, the report was not successful. The weird thing is that the high-risk issues appeared on the subdomain "webmail".

This subdomain is used in cPanel for accessing webmail.

The High Risk details are these:

===================================
References: Bypassing Web Authentication and Authorization with HTTP Verb Tampering

Affected item: /
Details: No details are available.
Request headers:

POST / HTTP/1.1
Cookie: webmailrelogin=no; webmailsession=%3aAfxTY3P1CSCi6H20_4Kt6ojyiSLUJci2WW8HWP2gnrh2cEOJOjjL0VYoj32xeHoT%2ca8ba84b5f287fd149c4fba97a79d4befc866004160b89a5bc970e73844df8208; session_locale=pl
Host: webmail.panasonicproclub.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Acunetix-Product: WVS/8.0 (Acunetix Web Vulnerability Scanner - NORMAL)
Acunetix-Scanning-agreement: Third Party Scanning PROHIBITED
Acunetix-User-agreement: http://www.acunetix.com/wvs/disc.htm
Accept: */*

Affected item: /login/
Details: No details are available.
Request headers:

POST /login/ HTTP/1.1
Cookie: webmailrelogin=no; webmailsession=%3aAfxTY3P1CSCi6H20_4Kt6ojyiSLUJci2WW8HWP2gnrh2cEOJOjjL0VYoj32xeHoT%2ca8ba84b5f287fd149c4fba97a79d4befc866004160b89a5bc970e73844df8208; session_locale=pl
Host: webmail.panasonicproclub.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Acunetix-Product: WVS/8.0 (Acunetix Web Vulnerability Scanner - NORMAL)
Acunetix-Scanning-agreement: Third Party Scanning PROHIBITED
Acunetix-User-agreement: http://www.acunetix.com/wvs/disc.htm
Accept: */*
=================================

They are the same, because going to Webmail in cPanel is the same whether you put nothing or add /login.

Any ideas on whether there really is a Verb Tampering problem on the Webmail login access?
Is there a way to fix it, or to demonstrate that cPanel is secure in this respect so I can show it to my business?

The cPanel version is currently WHM 11.42.0 (build 22).

And the server is CentOS 6.5.

Thanks in advance.

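The scanner output above only shows that a POST to "/" and to "/login/" was sent; it does not show what a verb tampering bypass would actually look like, which is the thing an auditor needs to see confirmed or refuted. The script below is an added example (it is not cPanel code and not part of this thread) that reproduces the check offline: it starts a small local server emulating a session-protected webmail page in a "vulnerable" configuration, where the cookie check only covers GET and POST in the way an access rule such as Apache's `<Limit GET POST>` only covers the verbs it lists, and in a "hardened" one, where every verb is checked. It then sends the same unauthenticated request with a range of verbs and reports the ones that reach the protected content. The paths `/inbox/` and `/login/`, the cookie value and the server responses are constructed for the demo; only the cookie name `webmailsession` is taken from the thread. `probe_verbs` takes a host and port, so the same probe can be pointed at a real webmail host.

```python
"""Reproduce an HTTP verb tampering check against a login-protected path.

Added example, not cPanel code: a local server emulates a webmail page that
should only be served to requests carrying a valid session cookie, and a probe
sends the same request with many verbs to see which ones bypass that check.
"""
import http.client
import threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

PROTECTED_PATH = "/inbox/"           # hypothetical protected webmail page
LOGIN_PATH = "/login/"               # where unauthenticated requests are sent
VALID_SESSION = "webmailsession=ok"  # constructed cookie for the demo
PROBE_VERBS = ("GET", "POST", "HEAD", "PUT", "DELETE", "OPTIONS", "TRACE", "FOOBAR")


class WebmailHandler(BaseHTTPRequestHandler):
    """Serves PROTECTED_PATH only to requests that carry VALID_SESSION."""

    def __getattr__(self, name):
        # BaseHTTPRequestHandler dispatches on do_<VERB>; route every verb,
        # including unknown ones, to one handler so the access rule decides.
        if name.startswith("do_"):
            return self._dispatch
        raise AttributeError(name)

    def _dispatch(self):
        if self.path != PROTECTED_PATH:
            self._respond(404, b"not found")
            return
        # The flaw: in the vulnerable configuration the session check applies
        # only to the verbs the access rule names, so other verbs fall through.
        checked_verbs = ("GET", "POST") if self.server.vulnerable else None
        needs_auth = checked_verbs is None or self.command in checked_verbs
        if needs_auth and VALID_SESSION not in self.headers.get("Cookie", ""):
            self.send_response(302)
            self.send_header("Location", LOGIN_PATH)
            self.send_header("Content-Length", "0")
            self.end_headers()
            return
        self._respond(200, b"INBOX: 3 messages")

    def _respond(self, status, body):
        self.send_response(status)
        self.send_header("Content-Type", "text/plain")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        if self.command != "HEAD":
            self.wfile.write(body)

    def log_message(self, *args):  # keep the demo quiet
        pass


def start_server(vulnerable):
    """Start the emulated webmail server on a free port; returns (server, port)."""
    server = ThreadingHTTPServer(("127.0.0.1", 0), WebmailHandler)
    server.vulnerable = vulnerable
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, server.server_address[1]


def probe_verbs(host, port, path, verbs=PROBE_VERBS, cookie=None):
    """Send the same request with each verb; return {verb: status code}."""
    statuses = {}
    for verb in verbs:
        conn = http.client.HTTPConnection(host, port, timeout=5)
        headers = {"Cookie": cookie} if cookie else {}
        conn.request(verb, path, headers=headers)
        resp = conn.getresponse()
        resp.read()
        statuses[verb] = resp.status
        conn.close()
    return statuses


def verb_tampering_bypasses(statuses):
    """Verbs that get 200 while GET and POST are refused (redirect/401/403).

    That pattern is what a verb tampering finding means; a login form that is
    reachable at both "/" and "/login/" is not by itself evidence of it.
    """
    if 200 in (statuses.get("GET"), statuses.get("POST")):
        return []  # not access-controlled for GET/POST, so nothing to bypass
    return sorted(v for v, s in statuses.items()
                  if s == 200 and v not in ("GET", "POST"))


def run_check(vulnerable):
    """Run the probe against a fresh emulated server and return bypassing verbs."""
    server, port = start_server(vulnerable)
    try:
        return verb_tampering_bypasses(probe_verbs("127.0.0.1", port, PROTECTED_PATH))
    finally:
        server.shutdown()
        server.server_close()


if __name__ == "__main__":
    print("vulnerable server bypassed by:", run_check(True))
    print("hardened server bypassed by:", run_check(False))
```

Against the vulnerable configuration the probe reports HEAD, PUT, DELETE, OPTIONS, TRACE and the made-up FOOBAR verb as reaching the inbox without a session; against the hardened one it reports nothing. Run against a real host, a result where every verb is redirected to the login page, exactly as GET and POST are, is the evidence that the scanner's generic "verb tampering" entry does not correspond to an actual bypass.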
cPanelMichael
Administrator, Staff member
Joined Apr 11, 2011
Hello :)

Yes, disabling the proxy subdomains feature should address this issue as indicated in the previous post. Let us know if that helps.

Thanks.