does it
allow you to reset the password without asking the old password? or its
just showing your the valid username and you need the old password to reset
it?
-----Original Message-----
From: [email protected] [mailto:[EMAIL PROTECTED] On Behalf Of Rahul Baweja
Sent: 09 February 2006 04:59
To: [email protected]
Subject: RE: [linuxtechbiz] Cpanel Admin login (username) DisclosureHi Dhruv...same here ... even I could do that..Rahul
From: [email protected] [mailto:[EMAIL PROTECTED] On Behalf Of Soi, Dhruv
Sent: Wednesday, February 08, 2006 4:18 PM
To: [email protected]
Subject: [linuxtechbiz] Cpanel Admin login (username) DisclosureWould anyone from group like to try this and confirm back to us?-DSubject: Re: [Full-disclosure] Cpanel Admin login (username) DisclosureYup i could reproduce that with all the sites i tried it on.
On 2/8/06, Sumit Siddharth <[EMAIL PROTECTED]> wrote:Hi, could somebody kindly confirm this.
When a null username and a null password is provided in the cpanel administration, port 2082, (basic authorization prompt) and then cancelling the prompt the second time, the webpage presents a hyperlink to reset the password which contains valid username for the cpanel administration.
Thanks
Sumit
--
Sumit Siddharth
SPONSORED LINKS
Computer security Communication and networking Computer memory Computer training
YAHOO! GROUPS LINKS
- Visit your group "linuxtechbiz" on the web.
- To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
- Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
