CVE-2004-0490
cPanel - Local Privilege Escalation via PHP Script Path Manipulation
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2004-0490. PoCs published by Rob Brown.
AI-analyzed exploit summary The exploit describes a privilege escalation vulnerability in cPanel due to insecure compilation options for Apache and PHP with mod_phpsuexec. It provides a method to test for vulnerability by executing a specific PHP command.
Description
cPanel, when compiling Apache 1.3.29 and PHP with the mod_phpsuexec option, does not set the --enable-discard-path option, which causes php to use the SCRIPT_FILENAME variable to find and execute a script instead of the PATH_TRANSLATED variable, which allows local users to execute arbitrary PHP code as other users via a URL that references the attacker's script after the user's script, which executes the attacker's script with the user's privileges, a different vulnerability than CVE-2004-0529.
Exploits (1)
The exploit describes a privilege escalation vulnerability in cPanel due to insecure compilation options for Apache and PHP with mod_phpsuexec. It provides a method to test for vulnerability by executing a specific PHP command.