cPanel TSR-2018-0005 Full Disclosure

cPanel TSR-2018-0005 Full Disclosure SEC-409 Summary ClamAV daemon can be shut off by any local user. Security Rating cPanel has assigned this vulnerability a CVSSv3 score of 3.3 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Description The userspace socket file for the clamd daemon has open permissions for necessary communication with userspace scanning functionality in cPanel. …