Vulnerabilities > CVE-2006-5014 - Remote Privilege Escalation vulnerability in CPanel SUID Wrapper

CVSS 9.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

cpanel

critical

exploit available

NVD

Published: 2006-09-27

Updated: 2008-09-05

Summary

Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows remote authenticated users to gain privileges via unspecified vectors in (1) mysqladmin and (2) hooksadmin.

Vulnerable Configurations

Part	Description	Count
Application	Cpanel Cpanel Cpanel 5.0 Cpanel Cpanel 5.3 Cpanel Cpanel 6.0 Cpanel Cpanel 6.2 Cpanel Cpanel 6.4 Cpanel Cpanel 6.4.1 Cpanel Cpanel 6.4.2 Cpanel Cpanel 6.4.2_Stable_48 Cpanel Cpanel 7.0 Cpanel Cpanel 8.0 Cpanel Cpanel 9.0 Cpanel Cpanel 9.1 Cpanel Cpanel 9.1.0_R85 Cpanel Cpanel 9.4.1_R64 Cpanel Cpanel 9.9.1_R3 Cpanel Cpanel 10.2.0_R82 Cpanel Cpanel 10.6.0_R137 Cpanel Cpanel 10.8.1_113 Cpanel Cpanel 10.8.2_118	19

Exploit-Db

description	cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit. CVE-2006-5014. Local exploit for linux platform
id	EDB-ID:2466
last seen	2016-01-31
modified	2006-10-01
published	2006-10-01
reporter	Clint Torrez
source	https://www.exploit-db.com/download/2466/
title	cPanel <= 10.8.x - cpwrap via mysqladmin Local Root Exploit

Summary

Vulnerable Configurations

Exploit-Db

References