First published: Tue Sep 11 2012(Updated: )
file/edit_html.cgi in Webmin 1.590 and earlier does not perform an authorization check before showing a file's unedited contents, which allows remote attackers to read arbitrary files via the file field.
Credit: cret@cert.org
Affected Software | Affected Version | How to fix |
---|---|---|
Gentoo Webmin | <=1.590 | |
Gentoo Webmin | =1.140 | |
Gentoo Webmin | =1.150 | |
Gentoo Webmin | =1.160 | |
Gentoo Webmin | =1.170 | |
Gentoo Webmin | =1.180 | |
Gentoo Webmin | =1.200 | |
Gentoo Webmin | =1.210 | |
Gentoo Webmin | =1.220 | |
Gentoo Webmin | =1.230 | |
Gentoo Webmin | =1.240 | |
Gentoo Webmin | =1.260 | |
Gentoo Webmin | =1.270 | |
Gentoo Webmin | =1.280 | |
Gentoo Webmin | =1.290 | |
Gentoo Webmin | =1.300 | |
Gentoo Webmin | =1.310 | |
Gentoo Webmin | =1.320 | |
Gentoo Webmin | =1.330 | |
Gentoo Webmin | =1.340 | |
Gentoo Webmin | =1.370 | |
Gentoo Webmin | =1.380 | |
Gentoo Webmin | =1.390 | |
Gentoo Webmin | =1.400 | |
Gentoo Webmin | =1.410 | |
Gentoo Webmin | =1.420 | |
Gentoo Webmin | =1.430 | |
Gentoo Webmin | =1.440 | |
Gentoo Webmin | =1.450 | |
Gentoo Webmin | =1.470 | |
Gentoo Webmin | =1.480 | |
Gentoo Webmin | =1.500 | |
Gentoo Webmin | =1.510 | |
Gentoo Webmin | =1.520 | |
Gentoo Webmin | =1.530 | |
Gentoo Webmin | =1.550 | |
Gentoo Webmin | =1.560 | |
Gentoo Webmin | =1.570 | |
Gentoo Webmin | =1.580 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.