|
Hello,, =0D
=0D
I Discovered a new bug in cPanel to show the directions (Folders Only) on the server=0D
=0D
in Disk Usage part=0D
=0D
for example, I tried to see the folders in /etc=0D
=0D
and it worked !=0D
=0D
that would show you a list of directions of folders=0D
=0D
and that including programes on the server, this could be dangerous !=0D
=0D
the attacker may use the exploit to see programes on the server and find bugs for them =0D
=0D
also you may see the directions of backups in the server=0D
=0D
also you have the permission to see the folders in other websites on the server which is been protected by firewall=0D
=0D
=0D
tested on / cPanel version 11.18.3=0D
=0D
to see more information & Exploits for this bug /=0D
=0D
http://www.lezr.com/exploits/id/156=0D
=0D
Discovered by Linux_Drox=0D
=0D
Best Regards,,=0D
=0D
L-G-H TEAM=0D
=0D
LeZr.Com Group : The Arab Center For Pirates=0D
www.LeZr.Com