cPanel Local Privilege Escalation Vulnerability

The following proof of concept is available:
PATH_TRANSLATED=/gone.php \
SCRIPT_FILENAME=/usr/local/cpanel/base/frontend/default/phpinfo.php \
/usr/bin/php
If the above results in a "No input file specified." message then the system is vulnerable.

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.


 

Copyright 2010, SecurityFocus