Web Hosting Talk

View Full Version : cpanel servers vulnerable by default


Lem0nHead
06-16-2004, 05:52 PM
not a cpanel vulnerability, but cpanel has Melange chat server activated by default

try to log in (telnet?) to port 6666 of your server

do you get >> Melange Chat Server (Version 1.10), Apr-25-1999?

this program has a bug

i didn't investigate it very much, but it's possible to change the EIP (pointer to program code) to somewhere else, maybe getting to run some program the ab(user) wants

as far as i went, that's not a severe vulnerability, since this program is run by 'nobody' user
not a big deal, but yet a vuln ;)

http://www.securityfocus.com/bid/6477/discussion/

no patch is available yet, so if you think you can be affected by that, disable connections to port 6666 to your server

linux-tech
06-16-2004, 06:39 PM
Originally posted by Lem0nHead

no patch is available yet, so if you think you can be affected by that, disable connections to port 6666 to your server
Or just disable the chat protocol in WHM, not that hard to do.
I actually recommend this anyways, it's not like most use this, and it is quite easily abused :)

Steven
06-16-2004, 07:03 PM
Originally posted by Lem0nHead
not a cpanel vulnerability, but cpanel has Melange chat server activated by default

try to log in (telnet?) to port 6666 of your server

do you get >> Melange Chat Server (Version 1.10), Apr-25-1999?

this program has a bug

i didn't investigate it very much, but it's possible to change the EIP (pointer to program code) to somewhere else, maybe getting to run some program the ab(user) wants

as far as i went, that's not a severe vulnerability, since this program is run by 'nobody' user
not a big deal, but yet a vuln ;)

http://www.securityfocus.com/bid/6477/discussion/

no patch is available yet, so if you think you can be affected by that, disable connections to port 6666 to your server


This is pretty old. I posted about it some months ago.

http://www.webhostingtalk.com/showthread.php?s=&threadid=224139&highlight=melange
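
The manual telnet check from the first post, as an added example that is not part of the thread: a Python script that connects to port 6666 on servers you administer and reports whether the greeting matches the Melange banner quoted above. The function names are hypothetical, and the banner pattern is built only from the string quoted in the thread.

```python
import re
import socket
import sys

# Pattern built from the banner quoted in the thread:
# "Melange Chat Server (Version 1.10), Apr-25-1999"
BANNER_RE = re.compile(rb"Melange Chat Server \(Version ([0-9.]+)\)")

def classify_banner(data):
    """Return ('melange', version) if the greeting matches, else ('other', None)."""
    m = BANNER_RE.search(data)
    return ("melange", m.group(1).decode("ascii")) if m else ("other", None)

def read_greeting(sock, timeout=3.0, limit=1024):
    """Read up to `limit` bytes of greeting, stopping early once the banner is seen."""
    sock.settimeout(timeout)
    data = b""
    try:
        while len(data) < limit and not BANNER_RE.search(data):
            chunk = sock.recv(256)
            if not chunk:          # peer closed the connection
                break
            data += chunk
    except OSError:                # timeout or reset: classify what arrived
        pass
    return data

def check_host(host, port=6666, timeout=3.0):
    """Return (state, version); state is 'closed', 'melange' or 'other'."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            return classify_banner(read_greeting(s, timeout))
    except OSError:                # refused, filtered or unreachable
        return ("closed", None)

if __name__ == "__main__":
    # Usage: python check_melange.py host1 host2 ...   (your own servers)
    for host in sys.argv[1:]:
        state, version = check_host(host)
        if state == "melange":
            print(f"{host}: Melange Chat Server {version} answering on 6666; "
                  "disable the chat service in WHM or block the port")
        elif state == "other":
            print(f"{host}: port 6666 open, greeting is not the Melange banner")
        else:
            print(f"{host}: port 6666 closed or filtered")
```

Run it again after disabling the chat service in WHM or firewalling the port; every host should then report closed or filtered.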