{ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-1603", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "cPanel 9.4.1-RELEASE-64 follows hard links, which allows local users to (1) read arbitrary files via the backup feature or (2) chown arbitrary files via the .htaccess file when Front Page extensions are enabled or disabled." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "cpanel-htaccess-modify-ownership(17780)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17780" }, { "name": "20041018 cPanel hardlink backup issue", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=109811572123753&w=2" }, { "name": "cpanel-backup-view-file(17779)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17779" }, { "name": "20041018 cPanel hardlink chown issue", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=109811654104208&w=2" }, { "name": "11455", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11455" }, { "name": "12865", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/12865" }, { "name": "11449", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11449" } ] } }