CVE-2006-3274
First published: Wed Jun 28 2006(Updated: )
Directory traversal vulnerability in Webmin before 1.280, when run on Windows, allows remote attackers to read arbitrary files via \ (backslash) characters in the URL to certain directories under the web root, such as the image directory.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Webmin Webmin | =1.2.50 | |
| Webmin Webmin | =1.2.30 | |
| Webmin Webmin | =1.2.60 | |
| Webmin Webmin | =1.2.40 | |
| Webmin Webmin | <=1.2.70 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://jvn.jp/jp/JVN%2367974490/index.html
- http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/88_e.html
- http://www.webmin.com/changes.html
- http://www.securityfocus.com/bid/18613
- http://securitytracker.com/id?1016375
- http://secunia.com/advisories/20777
- http://securityreason.com/securityalert/1161
- http://www.vupen.com/english/advisories/2006/2493
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27366
- http://www.securityfocus.com/archive/1/438149/100/0/threaded
- collector/nvd-historical
- collector/nvd-index
- agent/author
- agent/weakness
- agent/severity
- agent/references
- agent/type
- agent/description
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/webmin
- canonical/webmin webmin
- version/webmin webmin/1.2.50
- version/webmin webmin/1.2.30
- version/webmin webmin/1.2.60
- version/webmin webmin/1.2.40
- version/webmin webmin/1.2.70