OSVDB ID: 60118

Title: Webmin Printer Administration Module Printer Name Shell Metacharacter Arbitrary Command Execution

Info

Disclosure

Aug 28, 2002

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS, Upgrade
Disclosure: Vendor Verified
OSVDB: Web Related

Solution

Upgrade to version 1.000 or higher, as it has been reported to fix this vulnerability. In addition, the vendor has released a patch for some older versions.

Products

Unknown or Incomplete

References

ISS X-Force ID: 10052
CVE ID: 2002-2201 (see also: NVD)
Other Advisory URL: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:05.asc
Vendor Specific News/Changelog Entry: http://www.webmin.com/updates.html
Vendor Specific Solution URL: http://www.webmin.com/updates/lpadmin-0.990-5.wbm.gz

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/60118