cPanel multiple scripts cross-site scripting

cpanel-multiple-scripts-xss (15671) The risk level is classified as MediumMedium Risk

Description:

cPanel is vulnerable to cross-site scripting. A remote attacker could embed malicious script in multiple parameters in a specially-crafted URL request to multiple scripts, which would be executed in the victim's Web browser within the security context of the hosting site, once the link is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.

Platforms Affected:

  • cPanel, cPanel 9.1.0-R85

Remedy:

Upgrade to the latest version of cPanel (April 1, 2004 EDGE release), when it becomes available from the cPanel Inc. Web site. See References.

Consequences:

Gain Access

References:

  • VulnWatch Mailing List, Mon Mar 29 2004 - 18:51:40 CST, Exensive cPanel Cross Site Scripting at http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0069.html.
  • BID-10002: cPanel Multiple Module Cross-Site Scripting Vulnerabilities
  • BID-10003: TCPDump ISAKMP Delete Payload Buffer Overrun Vulnerability
  • BID-10004: TCPDump ISAKMP Identification Payload Integer Underflow Vulnerability
  • BID-10005: Interchange Remote Information Disclosure Vulnerability
  • BID-10007: Clam Anti-Virus ClamAV Arbitrary Command Execution Vulnerability
  • BID-10008: MPlayer Remote HTTP Header Buffer Overflow Vulnerability
  • BID-10009: Oracle Single Sign-On Login Page Authentication Credential Disclosure Vulnerability
  • BID-1001: InterAccess TelnetD Server 4.0 Terminal Configuration Vulnerability
  • BID-10010: LinBit Technologies LINBOX Officeserver Remote Authentication Bypass Vulnerability
  • BID-10013: PHPKit Multiple HTML Injection Vulnerabilities
  • BID-10017: JamesOff QuoteEngine Multiple Parameter Unspecified SQL Injection Vulnerability
  • BID-10018: MadBMS Unspecified Login Vulnerability
  • BID-10019: Cactusoft CactuShop SQL Injection Vulnerability
  • BID-1002: Sambar Server Batch CGI Vulnerability
  • BID-10020: CactuSoft CactuShop Cross-Site Scripting Vulnerability
  • BID-10022: Roger Wilco Server UDP Datagram Handling Denial Of Service Vulnerability
  • BID-10024: Roger Wilco Information Disclosure Vulnerability
  • BID-10025: Roger Wilco Server Unauthorized Audio Stream Denial Of Service Vulnerability
  • BID-10026: ADA IMGSVR Remote Directory Listing Vulnerability
  • BID-10027: ADA IMGSVR Remote File Download Vulnerability
  • BID-10028: OpenBSD ISAKMPD Zero Payload Length Denial Of Service Vulnerability
  • BID-1003: FTPx FTP Explorer Weak Password Encryption Vulnerability
  • BID-10033: HAHTsite Scenario Server Project File Name Buffer Overrun Vulnerability
  • BID-10036: Macromedia Dreamweaver Remote User Database Access Vulnerability
  • BID-10037: SGI IRIX ftpd Multiple Denial Of Service Vulnerabilities
  • BID-16482: cPanel Multiple Cross-Site Scripting Vulnerabilities
  • BID-21142: CPanel DNSlook.HTML Cross-Site Scripting Vulnerability
  • BID-9965: CPanel Multiple Cross-Site Scripting Vulnerabilities
  • CVE-2004-1875: Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0-R85 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to testfile.html, (2) file parameter to erredit.html, (3) dns parameter to dnslook.html, (4) account parameter to ignorelist.html, (5) account parameter to showlog.html, (6) db parameter to repairdb.html, (7) login parameter to doaddftp.html (8) account parameter to editmsg.htm, or (9) ip parameter to del.html. NOTE: the dnslook.html vector was later reported to exist in cPanel 10.
  • OSVDB ID: 4208: cPanel testfile.html email Variable XSS
  • OSVDB ID: 4209: cPanel erredit.html file Variable XSS
  • OSVDB ID: 4210: cPanel dnslook.html dns Variable XSS
  • OSVDB ID: 4211: cPanel ignorelist.html account Variable XSS
  • OSVDB ID: 4212: cPanel showlog.html account Variable XSS
  • OSVDB ID: 4213: cPanel repairdb.html db Variable XSS
  • OSVDB ID: 4214: cPanel doaddftp.html login Variable XSS
  • OSVDB ID: 4215: cPanel editmsg.html account Variable XSS
  • OSVDB ID: 4243: cPanel del.html account Variable XSS
  • SA11244: cPanel Multiple Cross-Site Scripting Vulnerabilities
  • SA22984: cPanel "dns" Cross-Site Scripting Vulnerability
  • VUPEN/ADV-2006-4658: cPanel dns Parameter Handling Client-Side Cross Site Scripting Vulnerability

Reported:

Mar 29, 2004

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page