Webmin / Usermin HTML Email Command Execution Vulnerability

Bugtraq ID: 11122
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Sep 07 2004 12:00AM
Updated: Sep 07 2004 12:00AM
Credit: Disclosure of this issue is credited to Keigo Yamazaki.
Vulnerable: Webmin Webmin 1.150
Webmin Webmin 1.140
Webmin Webmin 1.130
Webmin Webmin 1.121
Webmin Webmin 1.110
Webmin Webmin 1.100
Webmin Webmin 1.0 90
Webmin Webmin 1.0 80
Webmin Webmin 1.0 70
+ HP Apache-Based Web Server 1.3.27 .01
+ HP Apache-Based Web Server 1.3.27 .01
+ HP Webmin-Based Admin 1.0.1 .01
+ HP Webmin-Based Admin 1.0.1 .01
+ Turbolinux Turbolinux Server 8.0
+ Turbolinux Turbolinux Server 8.0
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Workstation 8.0
Webmin Webmin 1.0 60
Webmin Webmin 1.0 50
Webmin Webmin 1.0 20
Webmin Webmin 1.0 00
Usermin Usermin 1.0 80
Usermin Usermin 1.0 70
Usermin Usermin 1.0 60
Usermin Usermin 1.0 51
Usermin Usermin 1.0 40
Usermin Usermin 1.0 30
Usermin Usermin 1.0 20
Usermin Usermin 1.0 10
Usermin Usermin 1.0 00
Not Vulnerable: Webmin Webmin 1.160
Usermin Usermin 1.0 90


 

Privacy Statement
Copyright 2010, SecurityFocus