Lucene search
Ubuntu.comUB:CVE-2006-4542HistorySep 05, 2006 - 12:00 a.m.
CVE-2006-4542
2006-09-0500:00:00
ubuntu.com
ubuntu.com
9
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.025 Low
EPSS
Percentile
89.9%
Webmin before 1.296 and Usermin before 1.226 do not properly handle a URL
with a null (“%00”) character, which allows remote attackers to conduct
cross-site scripting (XSS), read CGI program source code, list directories,
and possibly execute programs.
Related
cve
cve
CVE-2006-4542
2006-09-05 23:04:00
nessus
nessus
Webmin Null Byte Filtering Information Disclosure
2006-09-02 00:00:00
Mandrake Linux Security Advisory : webmin (MDKSA-2006:170-1)
2007-02-18 00:00:00
Usermin Null Byte Filtering Information Disclosure
2014-09-16 00:00:00
openvas
openvas
Debian Security Advisory DSA 1199-1 (webmin)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-1199-1)
2008-01-17 00:00:00
debian
debian
[SECURITY] [DSA 1199-1] New webmin packages fix input validation problems
2006-10-24 01:10:44
[SECURITY] [DSA 1199-1] New webmin packages fix input validation problems
2006-10-24 01:10:44
osv
osv
webmin
2006-10-23 00:00:00
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.025 Low
EPSS
Percentile
89.9%
Related for UB:CVE-2006-4542