DirectAdmin is a graphical web-based web hosting control panel designed to make administration of websites easier.
There is a flaw within the reseller backup system that allows an attacker to use symlinks and hardlinks to overwrite any file and/or change ownerships of directories. We were not able to obtain root access but were able to overwrite sensitive files which could render a server inoperable.
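The bug class described above, a backup job that follows symlinks or hardlinks placed in a user-controlled directory and so writes to (or changes ownership of) files elsewhere on the system, is mitigated by walking the tree with lstat semantics and by writing with O_NOFOLLOW and a post-open fstat check. The Python below is an added example written for this page, not DirectAdmin's code; it assumes a POSIX filesystem and a hypothetical backup root supplied by the caller. The audit function reports symlinks and multiply-linked regular files under that root, and the write routine refuses a final-component symlink and refuses to truncate an inode with more than one link. Note the ordering: the truncate is done only after fstat confirms a single-link regular file, because opening with O_TRUNC would already have clobbered a hardlinked target before any check ran.

```python
import os
import stat
from pathlib import Path


def audit_backup_tree(root):
    """Walk `root` with lstat semantics (never following symlinks) and report
    entries a backup/restore job must not treat as plain user data:
    symlinks (whatever they point at) and regular files with nlink > 1.
    Returns a sorted list of (relative_path, reason) tuples."""
    root = Path(root)
    findings = []
    # followlinks=False keeps os.walk from descending into symlinked dirs;
    # the symlink itself still appears in dirnames/filenames for inspection.
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            p = Path(dirpath) / name
            st = os.lstat(p)               # inspect the link, not its target
            rel = p.relative_to(root).as_posix()
            if stat.S_ISLNK(st.st_mode):
                findings.append((rel, "symlink -> " + os.readlink(p)))
            elif stat.S_ISREG(st.st_mode) and st.st_nlink > 1:
                # A hardlink in the user's tree shares an inode with a file
                # that may live outside it; writing here writes there too.
                findings.append((rel, f"hardlink (nlink={st.st_nlink})"))
    return sorted(findings)


def has_symlink_component(root, rel):
    """True if any component of root/rel (excluding root itself) is a
    symlink. Intermediate directories can be links as well as the leaf."""
    cur = Path(root)
    for part in Path(rel).parts:
        cur = cur / part
        try:
            if stat.S_ISLNK(os.lstat(cur).st_mode):
                return True
        except FileNotFoundError:
            return False                   # remaining components do not exist
    return False


def write_nofollow(path, data, mode=0o600):
    """Write `data` to `path` without following a symlink at the final
    component, and without truncating anything unless the opened inode is a
    plain single-link regular file. Returns True on success, False if the
    path was refused. Callers should also check has_symlink_component()."""
    # Deliberately no O_TRUNC here: truncation must wait for the fstat check.
    flags = os.O_WRONLY | os.O_CREAT | os.O_NOFOLLOW
    try:
        fd = os.open(path, flags, mode)
    except OSError:                        # ELOOP when the leaf is a symlink
        return False
    try:
        st = os.fstat(fd)                  # check the inode actually opened
        if not stat.S_ISREG(st.st_mode) or st.st_nlink > 1:
            return False                   # hardlink or non-regular: refuse
        os.ftruncate(fd, 0)
        view = memoryview(data)
        while view:                        # os.write may be partial
            n = os.write(fd, view)
            view = view[n:]
        return True
    finally:
        os.close(fd)
```

A restore or backup routine would run `audit_backup_tree` over the source tree and skip or reject the flagged entries, and use `write_nofollow` (plus `has_symlink_component` on the relative path) for every file it creates under a user-owned directory; the same fstat-before-act pattern applies to chown, which should be done with `os.fchown` on the opened descriptor rather than by path.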
Proof of Concept:
Due to the nature of this security flaw, we will not be posting a Proof of Concept until a much later date.
We have deemed this vulnerability to be rated as HIGH due to the fact that a normal user can render a server inoperable.
This vulnerability was tested against DirectAdmin v1.43 and is believed to exist in all prior versions.
This vulnerability was patched in DirectAdmin v1.44.