
Verb Tampering Issue

Discussion in 'Security' started by Dannn, Mar 21, 2014.

  1. Dannn

    Dannn Registered
    PartnerNOC

    Good afternoon,

    First of all, sorry for any possible mistakes in my communication.

    My cPanel website has been tested by an audit company in order to gain a license for our business.

    This test checks for different security vulnerabilities that a website or a server has.

    Sadly the report was not successful. The weird thing is that the high risk issues appeared on the subdomain "webmail".

    This subdomain is used in cPanel for accessing webmail.

    The High Risk details are these:

    ===================================
    References: Bypassing Web Authentication and Authorization with HTTP Verb Tampering

    Affected items

    /
    Details: No details are available.
    Request headers:
    POST / HTTP/1.1
    Cookie: webmailrelogin=no; webmailsession=%3aAfxTY3P1CSCi6H20_4Kt6ojyiSLUJci2WW8HWP2gnrh2cEOJOjjL0VYoj32xeHoT%2ca8ba84b5f287fd149c4fba97a79d4befc866004160b89a5bc970e73844df8208; session_locale=pl
    Host: webmail.panasonicproclub.com
    Connection: Keep-alive
    Accept-Encoding: gzip,deflate
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Acunetix-Product: WVS/8.0 (Acunetix Web Vulnerability Scanner - NORMAL)
    Acunetix-Scanning-agreement: Third Party Scanning PROHIBITED
    Acunetix-User-agreement: http://www.acunetix.com/wvs/disc.htm
    Accept: */*

    /login/
    Details: No details are available.
    Request headers:
    POST /login/ HTTP/1.1
    Cookie: webmailrelogin=no; webmailsession=%3aAfxTY3P1CSCi6H20_4Kt6ojyiSLUJci2WW8HWP2gnrh2cEOJOjjL0VYoj32xeHoT%2ca8ba84b5f287fd149c4fba97a79d4befc866004160b89a5bc970e73844df8208; session_locale=pl
    Host: webmail.panasonicproclub.com
    Connection: Keep-alive
    Accept-Encoding: gzip,deflate
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Acunetix-Product: WVS/8.0 (Acunetix Web Vulnerability Scanner - NORMAL)
    Acunetix-Scanning-agreement: Third Party Scanning PROHIBITED
    Acunetix-User-agreement: http://www.acunetix.com/wvs/disc.htm
    Accept: */*
    =================================

    They are the same, because going to Webmail on cPanel is the same whether you put nothing or add /login.

    Any ideas whether Verb Tampering problems really exist on the Webmail login access?
    Is there a way to fix it, or to demonstrate that cPanel is secure in this regard so I can show it to my business?

    The cPanel version actually is WHM 11.42.0 (build 22)

    And the server is a CENTOS 6.5.

    Thanks in advance.
     
  2. vanessa

    vanessa Well-Known Member
    PartnerNOC

    Go into WHM -> Tweak Settings and disable Proxy Domains.
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Hello :)

    Yes, disabling the proxy subdomains feature should address this issue as indicated in the previous post. Let us know if that helps.

    Thanks.
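
One way to judge whether a verb-tampering finding like the one in this thread reflects a real bypass is to compare, per path, what each HTTP method returns to a client with no valid session. This is an added example, not code from the thread or from cPanel; the login-form marker, the sample responses and the `/private/` path are constructed assumptions.

```python
from dataclasses import dataclass

LOGIN_MARKER = 'name="pass"'  # assumption: text that appears only in the login form
DENY = {301, 302, 303, 307, 401, 403, 405, 501}  # redirect-to-login or refusal

@dataclass(frozen=True)
class Probe:
    """One recorded response to a request sent WITHOUT a valid session."""
    method: str
    path: str
    status: int
    body: str = ""

def gated(p: Probe) -> bool:
    """True when the response still enforces the access control."""
    if p.status in DENY or LOGIN_MARKER in p.body:
        return True
    # HEAD (and any empty 2xx) discloses no content, so it is not a bypass.
    return p.body == ""

def findings(probes, baseline="GET"):
    """Return (path, method, status) where a verb gets content the baseline verb is denied."""
    by_path = {}
    for p in probes:
        by_path.setdefault(p.path, {})[p.method] = p
    out = []
    for path, verbs in by_path.items():
        base = verbs.get(baseline)
        if base is None or not gated(base):
            continue  # nothing is protected here for the baseline verb
        out += [(path, m, p.status) for m, p in verbs.items()
                if m != baseline and 200 <= p.status < 300 and not gated(p)]
    return sorted(out)

FORM = '<form><input name="user"><input name="pass"></form>'  # constructed body
# Constructed: unauthenticated probes where every verb lands on the login form.
LOGIN_ONLY = [Probe(m, path, 200, "" if m == "HEAD" else FORM)
              for path in ("/", "/login/") for m in ("GET", "POST", "HEAD", "BOGUS")]
# Constructed counter-case: a hypothetical path whose check covers GET and POST only.
BYPASS = [Probe("GET", "/private/", 401), Probe("POST", "/private/", 401),
          Probe("HEAD", "/private/", 200), Probe("BOGUS", "/private/", 200, "<h1>Inbox</h1>")]

if __name__ == "__main__":
    print("login-only:", findings(LOGIN_ONLY))
    print("bypass:", findings(BYPASS))
```

An empty result for `/` and `/login/` means every method ended at the login form or a refusal; a non-empty result names the method that returned content the baseline method was denied.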
     
