---

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Cpanel Admin login (username) Disclosure

---

• To: Sumit Siddharth <sumit.siddharth@xxxxxxxxx>
• Subject: Re: [Full-disclosure] Cpanel Admin login (username) Disclosure
• From: h4cky0u <h4cky0u.org@xxxxxxxxx>
• Date: Wed, 8 Feb 2006 16:05:50 +0530

---

Yup i could reproduce that with all the sites i tried it on.
On 2/8/06, Sumit Siddharth <sumit.siddharth@xxxxxxxxx> wrote:
>
> Hi, could somebody kindly confirm this.
> When a null username and a null password is provided in the cpanel
> administration, port 2082, (basic authorization prompt) and then cancelling
> the prompt the second time, the webpage presents a hyperlink to reset the
> password which contains valid username for the cpanel administration.
> Thanks
> Sumit
>
>
> --
>
> Sumit Siddharth
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
--
http://www.h4cky0u.org
(In)Security at its best...

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/ 

---

• References:
  • [Full-disclosure] Cpanel Admin login (username) Disclosure
    • From: Sumit Siddharth

• Prev by Date: [Full-disclosure] iDefense Security Advisory 02.07.06: QNX Neutrino RTOS libAp ABLPATH Buffer Overflow Vulnerability
• Next by Date: Re: [Full-disclosure] aix sniffer
• Previous by thread: [Full-disclosure] Cpanel Admin login (username) Disclosure
• Next by thread: [Full-disclosure] Re: cPanel Multiple Cross Site Scripting Vulnerability
• Index(es):
  • Date
  • Thread