Multiple vulnerabilities in Webmin

Posted: September 8, 2012 in Vulnerabilities

Vulnerability: Multiple vulnerabilities in Webmin

Impact:

– Disclosure of sensitive data;
– System compromise.

Danger: medium
CVE ID:

– CVE-2012-2981;
– CVE-2012-2982;
– CVE-2012-2983.

Affected products: Webmin 1.x

Affected versions: Webmin 1.580, possibly other versions.

Description:

The vulnerabilities can be exploited by malicious people to gain access to sensitive information or compromise a vulnerable system.

1. The vulnerability is caused by an input validation error in the monitor type name handled by the edit_mon.cgi and save_mon.cgi scripts. A remote authenticated user can inject and execute arbitrary Perl code on the system.

2. The vulnerability is caused by insufficient sanitisation of a path in the show.cgi script before it is passed to open(). A remote authenticated user can inject and execute arbitrary commands on the system.

3. The vulnerability is caused by insufficient validation of the “file” parameter in the edit_html.cgi script. A remote authenticated user can view the contents of arbitrary files on the system.
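As an added example (not Webmin's own code and not the content of the vendor's fix), the following Perl shows the defensive patterns that address each of the three flaw classes above: a strict allowlist for a name that ends up in code context, a three-argument open() that cannot be turned into a command, and a path check that confines a user-supplied “file” value to one directory. The function names and sample inputs are assumptions for illustration.

```perl
#!/usr/bin/perl
# Added example, not Webmin code. Function names and inputs are assumed.
use strict;
use warnings;
use File::Spec;
use Cwd qw(realpath);
use File::Temp qw(tempdir);

# 1. Monitor type name (CVE-2012-2981 pattern): accept only a fixed
#    character set before the value is used to build code or file names.
sub valid_monitor_type {
    my ($type) = @_;
    return defined $type && $type =~ /\A[A-Za-z0-9_-]{1,64}\z/ ? 1 : 0;
}

# 2. Opening a request-supplied file name (CVE-2012-2982 pattern): the
#    three-argument form with an explicit mode never interprets the name
#    as a pipe/command, unlike two-argument open(FH, $path).
sub open_readonly {
    my ($path) = @_;
    open(my $fh, '<', $path) or return undef;
    return $fh;
}

# 3. "file" parameter (CVE-2012-2983 pattern): resolve '..' and symlinks
#    with realpath() and require the result to stay under $base.
#    Assumes $base is a real directory other than '/'.
sub confine_to_dir {
    my ($base, $requested) = @_;
    my $real_base = realpath($base) or return undef;
    my $candidate = File::Spec->rel2abs($requested, $real_base);
    my $real      = realpath($candidate) or return undef;  # must exist
    return index($real, "$real_base/") == 0 ? $real : undef;
}

# Constructed inputs for a quick run.
my $dir = tempdir(CLEANUP => 1);
open(my $out, '>', "$dir/index.html") or die "create: $!";
print $out "<p>sample</p>\n";
close $out;

for my $name ('tcp-port', 'tcp port', '../other') {
    printf "monitor type %-10s %s\n", "'$name'",
        valid_monitor_type($name) ? 'accepted' : 'rejected';
}
for my $req ('index.html', '../outside.txt', 'missing.html') {
    my $p = confine_to_dir($dir, $req);
    printf "file %-16s %s\n", "'$req'", defined $p ? "allowed ($p)" : 'blocked';
}
```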

Vendor URL: www.webmin.com

Solution: Install the fix from the vendor's Git repository.

The fix for CVE-2012-2981
https://github.com/webmin/webmin/commit/ed7365064c189b8f136a9f952062249167d1bd9e

The fix for CVE-2012-2982
https://github.com/webmin/webmin/commit/1f1411fe7404ec3ac03e803cfa7e01515e71a213

The fix for CVE-2012-2983
https://github.com/webmin/webmin/commit/4cd7bad70e23e4e19be8ccf7b9f245445b2b3b80

Links:

http://www.kb.cert.org/vuls/id/788478
