-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 cPanel TSR-2016-0005 Full Disclosure SEC-141 Summary Code execution as other accounts via mailman list archives. Security Rating cPanel has assigned this vulnerability a CVSSv2 score of 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P) Description The sticky-group bit applied to mailman's list archive directories allowed list owners to modify the contents of these directories. This could be used to execute arbitrary code as other accounts on the system. Credits This issue was discovered by the cPanel Security Team. Solution This issue is resolved in the following builds: 11.58.0.29 11.56.0.34 11.54.0.29 11.52.6.6 SEC-152 Summary Arbitrary code execution due to faulty shebang in Mail::SPF scripts. Security Rating cPanel has assigned this vulnerability a CVSSv2 score of 4.6 (AV:N/AC:H/Au:S/C:P/I:P/A:P) Description The scripts provided with the Mail::SPF Perl module in cPanel & WHM used /usr/bin/perl rather than /usr/local/cpanel/3rdparty/bin/perl as their interpreter. If executed in an unsafe directory, this could cause untrusted code to load and execute. Credits This issue was discovered by the cPanel Security Team. Solution This issue is resolved in the following builds: 11.58.0.29 11.56.0.34 11.54.0.29 11.52.6.6 SEC-154 Summary Arbitrary file read due to multipart form processing error. Security Rating cPanel has assigned this vulnerability a CVSSv2 score of 6.3 (AV:N/AC:M/Au:S/C:C/I:N/A:N) Description The Cpanel::Form::parseform() function was found to mishandle some invalid combinations of multipart form data in ways that allowed the reading of arbitrary files in several WHM interfaces. Credits This issue was discovered by the cPanel Security Team. Solution This issue is resolved in the following builds: 11.58.0.29 11.56.0.34 11.54.0.29 11.52.6.6 SEC-156 Summary Stored XSS Vulnerability in WHM tail_upcp2.cgi interface. Security Rating cPanel has assigned this vulnerability a CVSSv2 score of 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N) Description The tail_upcp2.cgi script displays the log output of the cPanel & WHM update process. The output includes portions of log files that contain untrusted data. In some cases, this untrusted output was not properly escaped. Credits This issue was discovered by the cPanel Security Team. Solution This issue is resolved in the following builds: 11.58.0.29 11.56.0.34 11.54.0.29 11.52.6.6 -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBCgAGBQJX4XwmAAoJEJUhvtyr2U3fxnUP/jcm6eCPB4wkw42f86I8lzU+ qLAOLDJhrVfOroTL1GxGz8LeINsHp4SgADuucBjptdfeSTUW/pwIbGaDZaP8xdfU f4nm4CQyj1ZBANl9UOthmN5HCpxVS+F/7+91u3SdKBWd6DdBo9n94p4osf2Ribf2 V6QRZiObAnOXwqspvVeQ9slZZk9u+wQF43A7dR5PQhumqezDayep1QwespjQYMAj xqyN5c3IVZRnHXQVzmvZIngQ0BSrkGdOBX0YOnHokVoUsGJ/pRi6zQFnCslYTKXO 4kINvQOJxfoC/DjwQpAHtWts7X9+kE2fY1K9gdiKSMENhwPXsl2oX9IH6PO4hZz3 Sj/sn3Kib9YYOjn26lceymnvyPrw0xcKCsnp/eGZ3mQzlBmwP+bu9OU4GKvNwj8J NHyJ5/rc9/fjXIh2gkWU3/U7llE6DG8BTUIX3um8JG58Hf91/lbScT4lbtCjh+ou LM6xLRLPx6/6vmjv0woYWN4X2d27UbjNzjDyVEdYX3HY2wYrdmf4Nu4idCiIcvV/ ECJY5AOB2BYR37wvgAcLH/mJK+9aoYY9aE+7qu5c9eW5oRh1205jmvAYmvIbZEnq rrFLsuVIau7UHh2i0TyQOBVp5TLUo8+zTN20tQ/n3cVomOfo5S6REEKB3FA6Lx25 yWsMq9qmgzftUcLGsh3x =/Xnv -----END PGP SIGNATURE-----