Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2006-3392
HistoryJul 06, 2006 - 12:00 a.m.

CVE-2006-3392

2006-07-0600:00:00
ubuntu.com
ubuntu.com
22

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.956 High

EPSS

Percentile

99.4%

JSON

Webmin before 1.290 and Usermin before 1.220 calls the simplify_path
function before decoding HTML, which allows remote attackers to read
arbitrary files, as demonstrated using “…%01” sequences, which bypass the
removal of “…/” sequences before bytes such as “%01” are removed from the
filename. NOTE: This is a different issue than CVE-2006-3274.

Related

nessus 7
cve 2
cert 1
openvas 6
ubuntucve 1
gentoo 1
debian 2
nmap 1
osv 1
kitploit 3
nessus
nessus
Mandrake Linux Security Advisory : webmin (MDKSA-2006:125)
2006-12-16 00:00:00
GLSA-200608-11 : Webmin, Usermin: File Disclosure
2006-08-07 00:00:00
Webmin 'miniserv.pl' Arbitrary File Disclosure
2006-06-30 00:00:00
cve
cve
CVE-2006-3392
2006-07-06 20:05:00
CVE-2006-3274
2006-06-28 22:05:00
cert
cert
Webmin and Usermin fail to sanitize user input
2006-07-07 00:00:00
openvas
openvas
FreeBSD Ports: webmin
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200608-11 (webmin/usermin)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200608-11 (webmin/usermin)
2008-09-24 00:00:00
ubuntucve
ubuntucve
CVE-2006-3274
2006-06-28 00:00:00
gentoo
gentoo
Webmin, Usermin: File Disclosure
2006-08-06 00:00:00
debian
debian
[SECURITY] [DSA 1199-1] New webmin packages fix input validation problems
2006-10-24 01:10:44
[SECURITY] [DSA 1199-1] New webmin packages fix input validation problems
2006-10-24 01:10:44
nmap
nmap
http-vuln-cve2006-3392 NSE Script
2014-05-04 15:00:06
osv
osv
webmin
2006-10-23 00:00:00
kitploit
kitploit
Sn1per v6.0 - Automated Pentest Framework For Offensive Security Experts
2018-11-24 12:43:00
Sn1per v5.0 - Automated Pentest Recon Scanner
2018-07-05 13:45:00
Sn1per v7.0 - Automated Pentest Framework For Offensive Security Experts
2019-05-12 13:09:00

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.956 High

EPSS

Percentile

99.4%

JSON
Related for UB:CVE-2006-3392
nessus7cve2cert1openvas6ubuntucve1gentoo1debian2nmap1osv1kitploit3