jvndb-2006-000939
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Multiple vulnerabilities in Webmin and Usermin
Details
Webmin and Usermin, web-based system management tools, contain the following vulnerabilities:
- Execution of arbitrary files and viewing source code by bypassing Webmin and Usermin's access restrictions
- Cross-site scripting
We are aware that these vulnerabilities have been addressed in Webmin development version 1.297 and Usermin development version 1.226, as of August 31, 2006. Please refer to "Development Versions of Webmin and Usermin" on the vendor's website for information on the latest versions of the software.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000939.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "Webmin and Usermin, web-based system management tools, contain the following vulnerabilities:\r\n\r\n- Execution of arbitrary files and viewing source code by bypassing Webmin and Usermin\u0027s access restrictions\r\n- Cross-site scripting\r\n\r\nWe are aware that these vulnerabilities have been addressed in Webmin development version 1.297 and Usermin development version 1.226, as of August 31, 2006. Please refer to \"Development Versions of Webmin and Usermin\" on the vendor\u0027s website for information on the latest versions of the software.",
"link": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000939.html",
"sec:cpe": [
{
"#text": "cpe:/a:webmin:usermin",
"@product": "Usermin",
"@vendor": "Webmin Project",
"@version": "2.2"
},
{
"#text": "cpe:/a:webmin:webmin",
"@product": "Webmin",
"@vendor": "Webmin Project",
"@version": "2.2"
},
{
"#text": "cpe:/o:misc:miraclelinux_asianux_server",
"@product": "Asianux Server",
"@vendor": "Cybertrust Japan Co., Ltd.",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2006-000939",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN99776858/index.html",
"@id": "JVN#99776858",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4542",
"@id": "CVE-2006-4542",
"@source": "CVE"
},
{
"#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-4542",
"@id": "CVE-2006-4542",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/21690",
"@id": "SA21690",
"@source": "SECUNIA"
},
{
"#text": "http://secunia.com/advisories/22114",
"@id": "SA22114",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/19820",
"@id": "19820",
"@source": "BID"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/28699",
"@id": "28699",
"@source": "XF"
},
{
"#text": "http://securitytracker.com/id?1016776",
"@id": "1016776",
"@source": "SECTRACK"
},
{
"#text": "http://securitytracker.com/id?1016777",
"@id": "1016777",
"@source": "SECTRACK"
},
{
"#text": "http://www.frsirt.com/english/advisories/2006/3424",
"@id": "FrSIRT/ADV-2006-3424",
"@source": "FRSIRT"
}
],
"title": "Multiple vulnerabilities in Webmin and Usermin"
}
Loading...