-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1199-1 security@debian.org http://www.debian.org/security/ Noah Meyerhans October 23, 2006 - ------------------------------------------------------------------------ Package : webmin Vulnerability : multiple Problem type : remote Debian-specific: no CVE Id(s) : CVE-2005-3912 CVE-2006-3392 CVE-2006-4542 BugTraq ID : 15629 18744 19820 Debian Bug : 341394 381537 391284 Several vulnerabilities have been identified in webmin, a web-based administration toolkit. CVE-2005-3912 A format string vulnerability in miniserv.pl could allow an attacker to cause a denial of service by crashing the application or exhausting system resources, and could potentially allow arbitrary code execution. CVE-2006-3392 Improper input sanitization in miniserv.pl could allow an attacker to read arbitrary files on the webmin host by providing a specially crafted URL path to the miniserv http server. CVE-2006-4542 Improper handling of null characters in URLs in miniserv.pl could allow an attacker to conduct cross-site scripting attacks, read CGI program source code, list local directories, and potentially execute arbirary code. For the stable distribution (sarge), these problems have been fixed in version 1.180-3sarge1 Webmin is not included in unstable (sid) or testing (etch), so these problems are not present. We recommend that you upgrade your webmin (1.180-3sarge1) package. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian 3.1 (stable) - ------------------- Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/w/webmin/webmin_1.180-3sarge1.dsc Size/MD5 checksum: 703 5e723deaccb3db60794e0cb385666992 http://security.debian.org/pool/updates/main/w/webmin/webmin_1.180.orig.tar.gz Size/MD5 checksum: 2261496 ff19d5500955302455e517cb2942c9d0 http://security.debian.org/pool/updates/main/w/webmin/webmin_1.180-3sarge1.diff.gz Size/MD5 checksum: 31458 f8fe363e7ccd8fe4072d84cd86a3510e Architecture independent packages: http://security.debian.org/pool/updates/main/w/webmin/webmin-core_1.180-3sarge1_all.deb Size/MD5 checksum: 1121200 8fa7064325ded44e7f8dbd226b81d9dd http://security.debian.org/pool/updates/main/w/webmin/webmin_1.180-3sarge1_all.deb Size/MD5 checksum: 1097552 34d96210d581dde8ffea7be82e0897f4 These files will probably be moved into the stable distribution on its next update. - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFFPWexYrVLjBFATsMRAoUMAJoD7NOzzETLIGE+1vYShqxQDZVT4gCfcYfm f1fqxSNrMBz71bBqOA2hlFk= =849e -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/