Disclosure of cpanel-horde’s MySQL password due to world-readable backups.
cPanel has assigned a Security Level of Important to this vulnerability.
During the upgrade to Horde 5 on 11.42 systems, a backup tarball of the existing Horde configuration files is created. This backup tarball was created in a world-accessible directory with world-readable permissions, allowing local accounts to see the MySQL password for the shared cpanel-horde user.
This issue was discovered by Rack911.
This issue is resolved in the following builds:
For the PGP-signed message, see http://cpanel.net/wp-content/uploads/2014/02/TSR-2014-0002-Full-Disclosure.txt.