[UNIX] Webmin/Usermin Cross-site Scripting Vulnerability
From: support@securiteam.comDate: 05/08/02
- Previous message: support@securiteam.com: "[UNIX] ISC DHCPDv3 Remote Root Compromise"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: support@securiteam.com To: list@securiteam.com Date: Wed, 8 May 2002 21:01:31 +0200 (CEST)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -
Webmin/Usermin Cross-site Scripting Vulnerability
------------------------------------------------------------------------
SUMMARY
The authentication page of both Webmin and Usermin is prone to a
cross-site scripting vulnerability.
DETAILS
Vulnerable systems:
* Webmin version 0.960 and prior
* Usermin version 0.90 and prior
Immune systems:
* Webmin version 0.970
* Usermin version 0.910
Webmin is a web-based system administration tool for UNIX. Usermin is a
web interface that allows all users on a UNIX system to easily receive
mails and to perform SSH and mail forwarding configuration. A potential
cross-site scripting vulnerability may occur because the CGI script of the
authentication page used by both Webmin and Usermin, prints user's input
on the error page.
Webmin and Usermin users' session ID cookies cannot be acquired, since
this problem only occurs when users are not logged into these software
packages. However, there is a possibility that the cookie of a Web service
may be stolen if it is running on the same host as of Webmin/Usermin.
Solution:
This problem can be eliminated by upgrading to Webmin version 0.970
/Usermin version 0.910, which are available at the following URL:
<http://www.webmin.com/> http://www.webmin.com/
ADDITIONAL INFORMATION
The information has been provided by <mailto:snsadv@lac.co.jp> Keigo
Yamazaki.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Previous message: support@securiteam.com: "[UNIX] ISC DHCPDv3 Remote Root Compromise"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
