cPanel boasts with the recent addition of the Horde 5.1 webmail edition with rich features many Horde lovers will certainly appreciate. Nevertheless, the company experience a recent issue surrounding the aforementioned webmail interface called cache file poisoning.
Fortunately, cPanel experts caught this issue early and immediately delivered an update to solve the problem.
TSR 2014-0001 Disclosure
This is title of the issue concerning cache file poisoning, a process that affects the cached files employed by many cPanel users worldwide.
According to the description, the Horde webmail interfaces, which are accessible to webmail accounts and cPanel employees PHP serialized cache files. These cache files make certain processes faster like backend operations. Utilizing cache files make these backend operations more efficient than the usual.
cPanel sets these cache files’ storage location at the /tmp directory by default. This /tmp directory is a world-writable directory. Once saved, cache files will have their names that are easy to predict.
The alarming situation
Since the file names are saved in predictable names, it’s possible for some users, especially those who are good in decoding file naming patterns, to detect these files easily. A malicious local attacker can take advantage of these cache files and pre-create the files stored in /tmp folder. This may lead to arbitrary code execution as a cPanel and Horde user.
Cache file poisoning
The poisoning process starts by pre-creating these cache files and result to code execution that may cause numerous instability issues within the system. cPanel experts, however, detected this problem immediately and resolved in three builds starting from 11.38 to 11.42. With the problem managed immediately and effectively, cPanel users can have the peace of mind in taking advantage of cache files for their own operations.
cPanel always rate the security updates delivered for customers to ensure everyone will be aware of the situation and be confident in the company’s services. This cache file poisoning is rated as important and security builds are highly recommended to be applied for users’ cPanel.
cPanel’s disclosure reports
cPanel’s security team posts full disclosure reports once problems regarding security or other cPanel issues were dealt with accordingly. A while back, the company reported together with their Bounty program for security that security issues won’t be out in the open initially. This is probably to ensure that the problem remains within the team and avoid external parties to take advantage of the issue. Once solved, they will send out reports through their News page as part of its disclosure policy and transparency for users. The good thing is the company resolved the issue and everyone will be free from potential problems that issues like cache file poisoning can bring.
cPanel manages security issues effectively and confidentially to ensure every cPanel users will not experience any problems caused by the inconsistencies discovered in the system. Be sure to check cPanel’s News page regularly to see these updates and be more mindful about internal operations within your server. Posts are updated regularly as a way to inform cPanel users about the changes occurring within the system, especially if they concentrate on general cPanel security.