cPanel Security Advisory: CVE 2009-2275

22Mar/100

cPanel Security Advisory: CVE 2009-2275

Summary

Updated builds of cPanel 11.24.4 that fix a security issue are available for users of EDGE, CURRENT, RELEASE and STABLE.

Security Rating

This update has been rated as having a trivial security impact by the cPanel Security team.

Description

The Latest Visitors interface ( /frontend/x3/stats/lastvisit.html ) displays the last few entries from the access_log of a selected domain owned by an account. Due to improper handling of user input, an authenticated user could use a carefully crafted URL to view the contents of world-readable files on the system.

Solution

cPanel users should update to 11.24.4 build 36912 or higher, which contain a fix for this issue.

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2275

Print This Post

Enjoy this article?

Consider subscribing to our rss feed!

Tagged as: access log, cPanel, CURRENT, current release, EDGE, fix, interface, Issue, mitre, readable files, release, Security, security issue, security team, summary, system solution, team description, Updated, user Leave a comment

Comments (0) Trackbacks (0) ( subscribe to comments on this post )

No comments yet.

Live Help

Coupons

Tikier Hosting 50% off Coupon code Code: 50off For all Shared Hosting plans.

VPS Hosting starting @ $15.99 / month

Social Badge

Social Blog Badgegreat free widgetsWidgetboxMore info

Share |

Subscribe in a reader

Tikier Hosting Offshore, Adult, Warez Linking Hosting Allowed