Case 61251

Case 61251

Summary

Arbitrary code execution via translatable phrases due to the use of Locale::Maketext

Security Rating

cPanel has assigned a Security Level of “Important” to this vulnerability.

Description

The Perl Locale::Maketext module is used to render translatable phrases into a user’s chosen locale. cPanel & WHM uses this module to display all translatable phrases in the cPanel, WHM and Webmail interfaces.

The version of Locale::Maketext used in previous releases of cPanel & WHM suffered from two flaws in the _compile() function which allowed authenticated users to execute arbitrary code by supplying specially crafted translatable phrases:

1. The _compile() function improperly escaped backslash characters inside of maketext tags. The improperly escaped data was then fed into a Perl eval().

2. The _compile() function included support for package namespaced maketext tags that could be used to execute functions that were not designed to be treated as maketext tags.

This vulnerability was discovered by the cPanel Quality Assurance Team.

Solution

This issue is resolved in the following builds:

* 11.34.0.10 and greater
* 11.32.5.14 and greater
* 11.30.7.3 and greater

Please update your cPanel & WHM system to one of the aforementioned versions or the latest public release available. A full listing of published versions can always be found at http://httpupdate.cpanel.net/.

Posted in: News, Security | Tagged: