CVE-2004-0490 Information

Feb 14, 2021 cve

Description

cPanel when compiling Apache 1.3.29 and PHP with the mod_phpsuexec option does not set the –enable-discard-path option which causes php to use the SCRIPT_FILENAME variable to find and execute a script instead of the PATH_TRANSLATED variable which allows local users to execute arbitrary PHP code as other users via a URL that references the attacker’s script after the user’s script which executes the attacker’s script with the user’s privileges a different vulnerability than CVE-2004-0529.

Reference

http://bugzilla.cpanel.net/show_bug.cgi?id=283 http://bugzilla.cpanel.net/show_bug.cgi?id=664 http://www.a-squad.com/audit/explain10.html http://www.securiteam.com/tools/5TP0N15CUA.html http://www.securityfocus.com/archive/1/364112 http://www.securityfocus.com/bid/10407 https://exchange.xforce.ibmcloud.com/vulnerabilities/16239

Share on: