cPanel contains a flaw that allows a remote attacker to access arbitrary files. The issue is due to the erredit.html script not properly validating the "dir" and "file" variables. If an attacker requests an arbitrary file under the right configuration, it will be displayed.
Classification
Location:
Remote / Network Access
Attack Type:
Input Manipulation
Impact:
Loss of Confidentiality,
Loss of Integrity
Exploit:
Exploit Public
Disclosure:
OSVDB Verified
OSVDB:
Web Related
Technical
An attacker can only retrieve files in the user's directories with the user's permissions (like File Manager), however this allows file retrieval if the server admin has disabled file manager and command line access.
Solution
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.
We currently have no CVSS2 data on this vulnerability. Feel free to suggest it.
Blogs
This product uses the Daylife API but is not endorsed or certified by Daylife.
This section lists the latest news and blogs found via the daylife API (and for older items, the technorati API), which mention or otherwise discuss this vulnerability.
cirt.net -
cirt.net
