Full Disclosure mailing list archives
Re: Cpanel Admin login (username) Disclosure
From: h4cky0u <h4cky0u.org () gmail com>
Date: Wed, 8 Feb 2006 16:05:50 +0530
Yup i could reproduce that with all the sites i tried it on. On 2/8/06, Sumit Siddharth <sumit.siddharth () gmail com> wrote:
Hi, could somebody kindly confirm this. When a null username and a null password is provided in the cpanel administration, port 2082, (basic authorization prompt) and then cancelling the prompt the second time, the webpage presents a hyperlink to reset the password which contains valid username for the cpanel administration. Thanks Sumit -- Sumit Siddharth _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
-- http://www.h4cky0u.org (In)Security at its best...
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Cpanel Admin login (username) Disclosure Sumit Siddharth (Feb 07)
- Re: Cpanel Admin login (username) Disclosure h4cky0u (Feb 08)