OSVDB ID: 10803

Title: Webmin/Usermin miniserv.pl Base-64 String Metacharacter Privilege Escalation

Info

Disclosure

Feb 24, 2003

Discovery

Feb 19, 2003

Dates

Exploit

Feb 24, 2003

Solution

Unknown

Description

Webmin and Usermin both contain a flaw that may allow a malicious user to gain access. The issue is due to a lack of proper sanitization for input supplied to the miniserv.pl script. If an attacker has knowledge of a valid username, that person can spoof a session ID, which is then added to the access control list, giving the attacker full access to the system (and thus root privileges on the system running the vulnerable program).

Classification

Location: Remote/Network Access Required
Attack Type: Authentication Management, Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Available
Disclosure: OSVDB Verified
OSVDB: Web Related

Solution

Upgrade to version 1.070 or higher for Webmin and 1.000 or higher for Usermin, as these versions are known to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Jamie Cameron	Usermin	0.x
	Webmin	0.x
		1.060
		1.050
		1.040
		1.030
		1.020
		1.000

References

Security Tracker: 1011173
ISS X-Force ID: 11390
CVE ID: 2003-0101 (see also: NVD)
Bugtraq ID: 6915
CIAC Advisory: n-058

Credit

Keigo Yamazaki - Little eArth Corporation
Cintia M. Imanishi - Little eArth Corporation

Direct URL: http://osvdb.org/36218

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Jamie Cameron

Usermin

Webmin

References

Credit