Type: Privilege Escalation
Location: Local
Impact: Critical
Product: SpamExperts (cPanel Plugin)
Website: http://www.spamexperts.com
Vulnerable Version: v3.0.58799
Fixed Version: v3.0.59056
CVE: -
R911: 0079
Date: 2013-10-11
By: Rack911
Product Description:

SpamExperts delivers managed email security in the cloud or on premises, tailored for webhosts: incoming and outgoing email filtering, and email archiving. Reduce churn, increase revenue, be 100% secure! Full API & standard integration and automation plugins for cPanel, Parallels products, DirectAdmin; Redundant, synchronized, and scalable; 4-Tier control panel; multi-level branding options; 24/7 support & SLAs; Fast release cycles and frequent updates!

Vulnerability Description:

There is a local privilege escalation flaw in SpamExperts' cPanel Plugin that would allow a local attacker to obtain root access.

Proof of Concept:

Due to the nature of this security flaw, we will not be posting a Proof of Concept until a much later date.

Impact:

We rate this vulnerability CRITICAL because root access can be obtained.

Vulnerable Version:

This vulnerability was tested against SpamExperts' cPanel Plugin v3.0.58799 and is believed to exist in all prior versions.

Fixed Version:

This vulnerability was patched in SpamExperts' cPanel Plugin v3.0.59056.

Vendor Contact Timeline:

2013-10-01: Vendor contacted in person.
2013-10-01: Vendor confirms vulnerability.
2013-10-02: Vendor issues updates to all builds.
2013-10-11: Rack911 issues security advisory.