SB2019071628 - Multiple vulnerabilities in CentOS Web Panel
Published: July 16, 2019 Updated: August 8, 2020
Description
This security bulletin contains information about 4 security vulnerabilities.
1) Arbitrary file upload (CVE-ID: CVE-2019-13359)
The vulnerability allows a remote authenticated user to execute arbitrary code.
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, a cwpsrv-xxx cookie allows a normal user to craft and upload a session file to the /tmp directory, and use it to become the root user.
2) Improper Authentication (CVE-ID: CVE-2019-13360)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, remote attackers can bypass authentication in the login process by leveraging knowledge of a valid username.
3) Information disclosure (CVE-ID: CVE-2019-13383)
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, the Login process allows attackers to check whether a username is valid by reading the HTTP response.
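As an added illustration of the response-difference problem in item 3, and not code from this bulletin or from CWP (whose login code is not shown here), a login handler that leaks username validity next to one that returns the same status, body and password-hashing cost whether or not the username exists. The user store, salts and passwords below are constructed for the example.

```python
import hashlib
import hmac
import os

# Constructed stand-in for a panel's user database (username -> (salt, hash)).
def _hash(salt: bytes, password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 10_000)

_SALT = os.urandom(16)
USERS = {"admin": (_SALT, _hash(_SALT, "correct-horse"))}

# Dummy record so an unknown username costs the same hashing work as a known one.
_DUMMY_SALT = os.urandom(16)
_DUMMY = (_DUMMY_SALT, _hash(_DUMMY_SALT, "placeholder"))


def login_vulnerable(username: str, password: str) -> tuple[int, str]:
    """Distinct responses reveal whether the username exists (the pattern in item 3)."""
    if username not in USERS:
        return 404, "Unknown user"
    salt, stored = USERS[username]
    if _hash(salt, password) != stored:
        return 401, "Wrong password"
    return 200, "OK"


def login_hardened(username: str, password: str) -> tuple[int, str]:
    """Same status, same body and same work regardless of whether the username exists."""
    salt, stored = USERS.get(username, _DUMMY)
    ok = hmac.compare_digest(_hash(salt, password), stored)
    # The membership check stops a guess of the dummy password from logging in.
    if ok and username in USERS:
        return 200, "OK"
    return 401, "Invalid username or password"


def leaks_username_validity(handler) -> bool:
    """True when a failed login for a real user differs from one for a bogus user."""
    return handler("admin", "wrong") != handler("nobody", "wrong")


if __name__ == "__main__":
    print("vulnerable leaks:", leaks_username_validity(login_vulnerable))  # True
    print("hardened leaks:  ", leaks_username_validity(login_hardened))    # False
```

The check compares only status and body; a deployment should also confirm that headers, redirects and response time do not differ between the two failure cases.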
4) Improper Authentication (CVE-ID: CVE-2019-13605)
The vulnerability allows a remote authenticated user to execute arbitrary code.
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.838 to 0.9.8.846, remote attackers can bypass authentication in the login process by leveraging the knowledge of a valid username. The attacker must defeat an encoding that is not equivalent to base64, and thus this is different from CVE-2019-13360.
Remediation
Install the update from the vendor's website.
References
- http://packetstormsecurity.com/files/153666/CentOS-Control-Web-Panel-0.9.8.836-Privilege-Escalation.html
- https://github.com/i3umi3iei3ii/CentOS-Control-Web-Panel-CVE/blob/master/CVE-2019-13359.md
- http://packetstormsecurity.com/files/153665/CentOS-Control-Web-Panel-0.9.8.836-Authentication-Bypass.html
- https://github.com/i3umi3iei3ii/CentOS-Control-Web-Panel-CVE/blob/master/CVE-2019-13360.md
- http://packetstormsecurity.com/files/153667/CentOS-Control-Web-Panel-0.9.8.838-User-Enumeration.html
- https://github.com/i3umi3iei3ii/CentOS-Control-Web-Panel-CVE/blob/master/CVE-2019-13383.md
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010
- https://github.com/i3umi3iei3ii/CentOS-Control-Web-Panel-CVE/blob/master/CVE-2019-13605.md
- https://www.exploit-db.com/exploits/47123