CVE Vulnerabilities

CVE-2004-0490

Published: Aug 18, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

cPanel, when compiling Apache 1.3.29 and PHP with the mod_phpsuexec option, does not set the –enable-discard-path option, which causes php to use the SCRIPT_FILENAME variable to find and execute a script instead of the PATH_TRANSLATED variable, which allows local users to execute arbitrary PHP code as other users via a URL that references the attackers script after the users script, which executes the attackers script with the users privileges, a different vulnerability than CVE-2004-0529.

Affected Software

Name Vendor Start Version End Version
Cpanel Cpanel 5.0 5.0
Cpanel Cpanel 5.3 5.3
Cpanel Cpanel 6.0 6.0
Cpanel Cpanel 6.2 6.2
Cpanel Cpanel 6.4 6.4
Cpanel Cpanel 6.4.1 6.4.1
Cpanel Cpanel 6.4.2 6.4.2
Cpanel Cpanel 6.4.2_stable_48 6.4.2_stable_48
Cpanel Cpanel 7.0 7.0
Cpanel Cpanel 8.0 8.0
Cpanel Cpanel 9.0 9.0
Cpanel Cpanel 9.1 9.1
Cpanel Cpanel 9.1.0_r85 9.1.0_r85

References