ID CVE-2004-0490
Summary cPanel, when compiling Apache 1.3.29 and PHP with the mod_phpsuexec option, does not set the --enable-discard-path option, which causes php to use the SCRIPT_FILENAME variable to find and execute a script instead of the PATH_TRANSLATED variable, which allows local users to execute arbitrary PHP code as other users via a URL that references the attacker's script after the user's script, which executes the attacker's script with the user's privileges, a different vulnerability than CVE-2004-0529.
References
Vulnerable Configurations
  • cpe:2.3:a:cpanel:cpanel:5.0:*:*:*:*:*:*:*
    cpe:2.3:a:cpanel:cpanel:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:cpanel:cpanel:5.3:*:*:*:*:*:*:*
    cpe:2.3:a:cpanel:cpanel:5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:cpanel:cpanel:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:cpanel:cpanel:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:cpanel:cpanel:6.2:*:*:*:*:*:*:*
    cpe:2.3:a:cpanel:cpanel:6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:cpanel:cpanel:6.4:*:*:*:*:*:*:*
    cpe:2.3:a:cpanel:cpanel:6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:cpanel:cpanel:6.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:cpanel:cpanel:6.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:cpanel:cpanel:6.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:cpanel:cpanel:6.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:cpanel:cpanel:6.4.2_stable_48:*:*:*:*:*:*:*
    cpe:2.3:a:cpanel:cpanel:6.4.2_stable_48:*:*:*:*:*:*:*
  • cpe:2.3:a:cpanel:cpanel:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:cpanel:cpanel:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:cpanel:cpanel:8.0:*:*:*:*:*:*:*
    cpe:2.3:a:cpanel:cpanel:8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:cpanel:cpanel:9.0:*:*:*:*:*:*:*
    cpe:2.3:a:cpanel:cpanel:9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:cpanel:cpanel:9.1:*:*:*:*:*:*:*
    cpe:2.3:a:cpanel:cpanel:9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:cpanel:cpanel:9.1.0_r85:*:*:*:*:*:*:*
    cpe:2.3:a:cpanel:cpanel:9.1.0_r85:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 11-07-2017 - 01:30)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 10407
bugtraq 20040524 cPanel mod_phpsuexec Vulnerability
confirm http://bugzilla.cpanel.net/show_bug.cgi?id=664
misc
xf cpanel-modphpsuexec-execute-commands(16239)
Last major update 11-07-2017 - 01:30
Published 18-08-2004 - 04:00
Last modified 11-07-2017 - 01:30
Back to Top