CVE-2006-3392
First published: Thu Jul 06 2006(Updated: )
Webmin before 1.290 and Usermin before 1.220 calls the simplify_path function before decoding HTML, which allows remote attackers to read arbitrary files, as demonstrated using "..%01" sequences, which bypass the removal of "../" sequences before bytes such as "%01" are removed from the filename. NOTE: This is a different issue than CVE-2006-3274.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Webmin Usermin | <=1.210 | |
| Webmin | <=1.2.80 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://attrition.org/pipermail/vim/2006-June/000912.html
- http://www.webmin.com/changes.html
- http://www.osvdb.org/26772
- http://secunia.com/advisories/20892
- http://www.kb.cert.org/vuls/id/999601
- http://attrition.org/pipermail/vim/2006-July/000923.html
- http://www.securityfocus.com/bid/18744
- http://secunia.com/advisories/21105
- http://security.gentoo.org/glsa/glsa-200608-11.xml
- http://secunia.com/advisories/21365
- http://www.debian.org/security/2006/dsa-1199
- http://secunia.com/advisories/22556
- http://www.securityfocus.com/archive/1/440466/100/0/threaded
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:125
- http://www.vupen.com/english/advisories/2006/2612
- http://www.securityfocus.com/archive/1/440493/100/0/threaded
- http://www.securityfocus.com/archive/1/440125/100/0/threaded
- http://www.securityfocus.com/archive/1/439653/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2006-3392?
CVE-2006-3392 is classified as a high severity vulnerability due to its ability to allow unauthorized file access.
How do I fix CVE-2006-3392?
To fix CVE-2006-3392, upgrade Webmin to version 1.290 or higher and Usermin to version 1.220 or higher.
What systems are affected by CVE-2006-3392?
CVE-2006-3392 affects Webmin versions prior to 1.290 and Usermin versions prior to 1.220.
What type of attack is facilitated by CVE-2006-3392?
CVE-2006-3392 facilitates path traversal attacks, allowing attackers to read arbitrary files on the server.
Is there a workaround for CVE-2006-3392 if I cannot upgrade?
If upgrading is not possible, ensure proper file permissions are set to limit access to sensitive files.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/severity
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/usermin
- canonical/webmin usermin
- version/webmin usermin/1.210
- vendor/webmin
- canonical/webmin
- version/webmin/1.2.80