Multiple vulnerabilities in cPanel EasyApache
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 5 |
| CVE-ID | CVE-2017-0900 CVE-2017-0899 CVE-2017-0901 CVE-2017-0902 CVE-2017-12932 |
| CWE-ID | CWE-20 CWE-284 CWE-416 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #3 is available. |
| Vulnerable software Subscribe |
EasyApache Server applications / Other server solutions |
| Vendor | cPanel, Inc |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
1) Denial of service
EUVDB-ID: #VU8055
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2017-0900
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a local attacker to cause DoS condition on the target system.
The weakness exists due to insufficient validation of user-supplied input. A local attacker can supply a specially crafted 'query' command and cause the service to crash.
Successful exploitation of the vulnerability results in denial of service.
Install update from vendor's website.
Vulnerable software versionsEasyApache: 4
Fixed software versionsCPE2.3 External links
http://news.cpanel.com/easyapache-sept-6-2017-maintenance-release/
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
2) Security restrictions bypass
EUVDB-ID: #VU8056
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2017-0899
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to bypass security restrictions on the target system.
The weakness exists due to unknown error. A remote attacker can escape ANSI.
Install update from vendor's website.
Vulnerable software versionsEasyApache: 4
Fixed software versionsCPE2.3 External links
http://news.cpanel.com/easyapache-sept-6-2017-maintenance-release/
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
3) Improper input validation
EUVDB-ID: #VU8057
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2017-0901
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to overwrite arbitrary files on the target system.
The weakness exists due to insufficient validation of user-supplied input. A remote attacker can trick the victim into installing a specially crafted RubyGem and overwrite arbitrary files.
Install update from vendor's website.
Vulnerable software versionsEasyApache: 4
Fixed software versionsCPE2.3 External links
http://news.cpanel.com/easyapache-sept-6-2017-maintenance-release/
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
4) Session hijacking
EUVDB-ID: #VU8058
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2017-0902
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to hijack the target user's session.
The weakness exists due to improper access control. A remote attacker can hijack DNS sessions.
Install update from vendor's website.
Vulnerable software versionsEasyApache: 4
Fixed software versionsCPE2.3 External links
http://news.cpanel.com/easyapache-sept-6-2017-maintenance-release/
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
5) Heap use-after-free error
EUVDB-ID: #VU8137
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2017-12932
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to improper use of the hash API for key deletion in a situation with an invalid array size. A remote attacker can use untrusted data to trigger heap use-after-free error in ext/standard/var_unserializer.re and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
Install update from vendor's website.
Vulnerable software versionsEasyApache: 4
Fixed software versionsCPE2.3 External links
http://news.cpanel.com/easyapache-sept-6-2017-maintenance-release/
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
