The modified suexec program in cPanel, when configured for mod_php and compiled for Apache 1.3.31 and earlier without mod_phpsuexec, allows local users to execute untrusted shared scripts and gain privileges, as demonstrated using untainted scripts such as (1) proftpdvhosts or (2) addalink.cgi, a different vulnerability than CVE-2004-0490.
References
Configurations
History
No history.
Information
Published : 2004-08-06 04:00
Updated : 2024-02-28 10:24
NVD link : CVE-2004-0529
Mitre link : CVE-2004-0529
CVE.ORG link : CVE-2004-0529
JSON object : View
Products Affected
cluecentral
- suexec.patch
CWE