|
Full Disclosure
mailing list archives
Re: Cpanel Admin login (username) Disclosure
From: h4cky0u <h4cky0u.org () gmail com>
Date: Wed, 8 Feb 2006 16:05:50 +0530
Yup i could reproduce that with all the sites i tried it on.
On 2/8/06, Sumit Siddharth <sumit.siddharth () gmail com> wrote:
Hi, could somebody kindly confirm this.
When a null username and a null password is provided in the cpanel
administration, port 2082, (basic authorization prompt) and then cancelling
the prompt the second time, the webpage presents a hyperlink to reset the
password which contains valid username for the cpanel administration.
Thanks
Sumit
--
Sumit Siddharth
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
--
http://www.h4cky0u.org
(In)Security at its best...
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
| 
Intro
