WHMXtra - ACL Bypass (Root Access) Vulnerability -- Critical

Posted by Steven, 05-30-2013, 12:57 PM
Product Description: WHMXtra can install FFMPEG, firewalls, DDoS protection, fix MySQL issues, search for illegal files or processes, monitor your server and much much more. Browse the entire server filesystem via one of our built-in file managers, upload/download files, create multiple accounts, check memory and CPU usage and even get tips on improving your server's performance.

Vulnerability Description: There are numerous files accessible to a reseller under the WHMXtra installation directory that would allow an attacker to make changes to the operating system as if they were the root user.

Note: This flaw is allowed to exist because of a fundamental security failure within WHM that executes all plugins as root.

Proof of Concept: Due to the nature of this vulnerability we are withholding the proof of concept until a later date to allow everyone ample time to update their software.

Impact: We have deemed this vulnerability to be rated as HIGH due to the fact that a normal user can access particular functions intended for the root user.

Vulnerable Version: This vulnerability was tested against WHMXtra G2 v2.4.

Fixed Version: This vulnerability was patched in WHMXtra G2 v2.5.

Vendor Contact Timeline:
2013-05-29: Vendor contacted via email.
2013-05-29: Vendor confirms vulnerability.
2013-05-30: Vendor issues G2 v2.5 update.
2013-05-30: Rack911 issues security advisory.

Posted by bune, 05-30-2013, 04:22 PM
Thanks for the info. This would save many systems from getting hacked.

Posted by techjr, 05-30-2013, 09:28 PM
Was going to open a thread about WHMXtra in the morning asking what people thought of it. Honestly that Vendor Timeline was more than enough to have me try it good or bad.

Posted by Patrick, 05-30-2013, 09:42 PM
Fortunately, most companies are responsive when we contact them regarding security vulnerabilities... we actually have over 40 now in the last month which is scary as hell since it's all commonly used products. Expect a boat load of more advisories being released in the weeks ahead as they get patched.


