Description
cPanel 9.9.1-RELEASE-3 allows remote authenticated users to chmod arbitrary files via a symlink attack on the _private directory, which is created when Front Page extensions are enabled.
References (1)
Core 1
Core References
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=109811762230326&w=2
Scores
EPSS
0.0034
EPSS Percentile
56.6%
Details
Status
published
Products (1)
cpanel/cpanel
9.9.1_r3
Published
Sep 30, 2004
Tracked Since
Feb 18, 2026