Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Cpanel Admin login (username) Disclosure
From: h4cky0u <h4cky0u.org () gmail com>
Date: Wed, 8 Feb 2006 16:05:50 +0530

Yup i could reproduce that with all the sites i tried it on.

On 2/8/06, Sumit Siddharth <sumit.siddharth () gmail com> wrote:

Hi, could somebody kindly confirm this.
When a null username and a null password is provided in the cpanel
administration, port 2082, (basic authorization prompt) and then cancelling
the prompt the second time, the webpage presents a hyperlink to reset the
password which contains valid username for the cpanel administration.
Thanks
Sumit


--

Sumit Siddharth



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/




--
http://www.h4cky0u.org
(In)Security at its best...
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault