Intrusion Prevention

cPanel.Failurl.Header.Injection

Description

This indicates an attempt to exploit an HTTP Response Splitting vulnerability in cPanel.
This is caused by the application's failure to sanitize user supplied input to the "failurl" parameter. A successful attack may allow a remote attacker to steal cookie-based authentication credentials and control the web content. Other attacks are also possible.

Affected Products

cPanel 11.25 build 42174
WebHost Manager 11.25 build 42174
Previous versions may also be affected.

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Information Spoofing.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://www.cpanel.net