github - ghsa-53wc-rjf9-39m4

ghsa-53wc-rjf9-39m4

Vulnerability from github

Published

2022-05-01 02:14

Modified

2022-05-01 02:14

Details

miniserv.pl in Webmin before 1.230 and Usermin before 1.160, when "full PAM conversations" is enabled, allows remote attackers to bypass authentication by spoofing session IDs via certain metacharacters (line feed or carriage return).

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2005-3042"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2005-09-22T10:03:00Z",
    "severity": "HIGH"
  },
  "details": "miniserv.pl in Webmin before 1.230 and Usermin before 1.160, when \"full PAM conversations\" is enabled, allows remote attackers to bypass authentication by spoofing session IDs via certain metacharacters (line feed or carriage return).",
  "id": "GHSA-53wc-rjf9-39m4",
  "modified": "2022-05-01T02:14:05Z",
  "published": "2022-05-01T02:14:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-3042"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2005-09/0257.html"
    },
    {
      "type": "WEB",
      "url": "http://jvn.jp/jp/JVN%2340940493/index.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/16858"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/17282"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/17"
    },
    {
      "type": "WEB",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200509-17.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/83_e.html"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:176"
    },
    {
      "type": "WEB",
      "url": "http://www.novell.com/linux/security/advisories/2005_24_sr.html"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/19575"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/14889"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2005/1791"
    },
    {
      "type": "WEB",
      "url": "http://www.webmin.com/changes-1.230.html"
    },
    {
      "type": "WEB",
      "url": "http://www.webmin.com/uchanges-1.160.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2005-3042

Vulnerability from cvelistv5

Published

2005-09-22 04:00

Modified

2024-08-07 22:53

Severity

Summary

References

URL	Tags
http://secunia.com/advisories/16858	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17282	third-party-advisory, x_refsource_SECUNIA
http://www.gentoo.org/security/en/glsa/glsa-200509-17.xml	vendor-advisory, x_refsource_GENTOO
http://www.osvdb.org/19575	vdb-entry, x_refsource_OSVDB
http://securityreason.com/securityalert/17	third-party-advisory, x_refsource_SREASON
http://www.securityfocus.com/bid/14889	vdb-entry, x_refsource_BID
http://www.vupen.com/english/advisories/2005/1791	vdb-entry, x_refsource_VUPEN
http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/83_e.html	x_refsource_MISC
http://www.mandriva.com/security/advisories?name=MDKSA-2005:176	vendor-advisory, x_refsource_MANDRIVA
http://www.novell.com/linux/security/advisories/2005_24_sr.html	vendor-advisory, x_refsource_SUSE
http://archives.neohapsis.com/archives/bugtraq/2005-09/0257.html	mailing-list, x_refsource_BUGTRAQ
http://www.webmin.com/changes-1.230.html	x_refsource_CONFIRM
http://jvn.jp/jp/JVN%2340940493/index.html	third-party-advisory, x_refsource_JVN
http://www.webmin.com/uchanges-1.160.html	x_refsource_CONFIRM

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website