10-25-2013, 07:34 AM #1 - Web Hosting Master
Installatron (DirectAdmin) - Privilege Escalation Vulnerability (R911-0082)
Type: Privilege Escalation
Location: Local
Impact: Critical
Product: Installatron
Website: http://www.installatron.com
Vulnerable Version: v9.0.3
Fixed Version: v9.0.4 and v8.0.16
CVE: -
R911: 0082
Date: 2013-10-25
By: Rack911
Installatron is a turn-key, state-of-the-art web application automation solution (also known as an auto installer or script installer) for web hosting control panel platforms. Once installed on a control panel server, Installatron's powerful, easy-to-use user-interface integrates seamlessly, enabling instant, one-click installs and upgrades, backups and restores, and other advanced features for a premier collection of only the best applications on the web.
Vulnerability Description:
Installatron on DirectAdmin can use the system cURL binary, which allows an attacker to manipulate the output using a malicious config file, which could lead to a root compromise.
Proof of Concept:
Due to the nature of this security flaw, we will not be posting a Proof of Concept until a much later date.
Impact:
We have deemed this vulnerability to be rated as CRITICAL due to the fact that root access can be obtained.
Vulnerable Version:
This vulnerability was tested against Installatron v9.0.3 for DirectAdmin and is believed to exist in all prior versions.
Fixed Version:
This vulnerability was patched in Installatron v9.0.4 and 8.0.16.
Vendor Contact Timeline:
2013-10-21: Vendor contacted via email.
2013-10-21: Vendor confirms vulnerability.
2013-10-21: Vendor issues v9.0.4 and v8.0.16 update.
2013-10-25: Rack911 issues security advisory.

RACK911 Labs | Penetration Testing | https://www.RACK911Labs.ca
www.HostingSecList.com - Security Notices for the Hosting Community.