{"vuid":"VU#584089","idnumber":"584089","name":"cPanel XSRF vulnerabilities","keywords":["Cpanel","cross-site request forgery","csrf","cpanel","xsrf","INFO#11101"],"overview":"cPanel contains multiple cross-site request forgery (XSRF) vulnerabilities. If successfully exploited, these vulnerabilities may allow an attacker to execute arbitrary commands.","clean_desc":"cPanel, a web-based tool that is designed to automate and control web sites and servers, contains multiple cross-site request forgery (XSRF) vulnerabilities. These vulnerabilities may be triggered by a remote attacker who convinces an administrator to browse to a malicious website while logged into their cPanel account.","impact":"An attacker may be able to perform actions that only authorized administrators should be able to execute.","resolution":"We are currently unaware of a practical solution to this problem.","workarounds":"Enable referrer checking\nReferrer checking may mitigate some XSRF attacks. To enable referrer checking, follow the steps below. Note that referrer checking may cause some applications to fail.\nNavigate to Server configuration\nGo to Tweak Settings\nGo to Security in WebHost Manager\nCheck the box and save the page\nDo not browse to untrusted sites\nAdministrators can mitigate XSRF vulnerabilities in cPanel and other browser-based tools by not browsing to untrusted websites while logged into their account.","sysaffected":"","thanks":"Thanks to Michael Brooks for information that was used in this report.","author":"This document was written by Ryan Giobbi.","public":["http://www.rooksecurity.com/blog/?p=7","http://changelog.cpanel.net/","http://www.owasp.org/index.php/Cross-Site_Request_Forgery","http://en.wikipedia.org/wiki/XSRF","http://secunia.com/advisories/30027/"],"cveids":["CVE-2008-2043"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2008-04-17T15:02:55Z","publicdate":"2008-04-17T00:00:00Z","datefirstpublished":"2008-04-30T19:47:27Z","dateupdated":"2008-07-30T19:10:30Z","revision":21,"vrda_d1_directreport":"1","vrda_d1_population":"4","vrda_d1_impact":"3","cam_widelyknown":"20","cam_exploitation":"0","cam_internetinfrastructure":"4","cam_population":"10","cam_impact":"5","cam_easeofexploitation":"5","cam_attackeraccessrequired":"20","cam_scorecurrent":"2.25","cam_scorecurrentwidelyknown":"2.25","cam_scorecurrentwidelyknownexploited":"4.125","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":2.25,"vulnote":null}