cPanel – Exim Valiases Arbitrary File Read Security Vulnerability
cPanel is an easy-to-use control panel that gives web hosts and the website owners they serve, the ability to quickly and easily manage their servers and websites. Web Host Manager (WHM) is a part of the cPanel software, often used by resellers and system administrators.
When processing the valiases for a user, Exim was running as the root user. By creating a valias that included other files, an attacker was able to read arbitrary files as the root user.
Vendor Contact Timeline:
2016-11-28: Vendor contacted via email.
2016-11-29: Vendor confirms vulnerability.
2017-01-16: Vendor issues update.
2017-01-19: RACK911 issues security advisory.
1110 Palms Airport Drive, Suite 110
Las Vegas, NV 89119