Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1770

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2004-1770
Last Modified 05 Sep 2008 04:42:18
Published 11 Mar 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1770

Summary

The login page for cPanel 9.1.0, and possibly other versions, allows remote attackers to execute arbitrary code via shell metacharacters in the user parameter.

Vulnerable Systems

Application

  • Cpanel 5.0

  • Cpanel 5.3

  • Cpanel 6.0

  • Cpanel 6.2

  • Cpanel 6.4

  • Cpanel 6.4.1

  • Cpanel 6.4.2

  • Cpanel 6.4.2 Stable 48

  • Cpanel 7.0

  • Cpanel 8.0

  • Cpanel 9.0

  • Cpanel 9.1


References

CERT-VN - VU#831534

XF - cpanel-login-execute-commands(15486)

BID - 9855

SECUNIA - 11124

BUGTRAQ - 20040312 Cpanel 9.1.0 have a problem ?


Last Updated: 27 May 2016 10:39:10