Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200406-12 (webmin)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.54597

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200406-12 (webmin)

Resumen: The remote host is missing updates announced in;advisory GLSA 200406-12.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200406-12.

Vulnerability Insight:
Webmin contains two security vulnerabilities which could lead to a Denial
of Service attack and information disclosure.

Solution:
All Webmin users should upgrade to the latest stable version:

# emerge sync

# emerge -pv '>=app-admin/app-admin/webmin-1.150'
# emerge '>=app-admin/app-admin/webmin-1.150'

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-0582
BugTraq ID: 10474
http://www.securityfocus.com/bid/10474
BugTraq ID: 10522
http://www.securityfocus.com/bid/10522
Bugtraq: 20040611 [SNS Advisory No.74] Webmin Access Control Rule Bypass Vulnerability (Google Search)
http://marc.info/?l=bugtraq&m=108697184602191&w=2
Conectiva Linux advisory: CLA-2004:848
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000848
Debian Security Information: DSA-526 (Google Search)
http://www.debian.org/security/2004/dsa-526
http://www.gentoo.org/security/en/glsa/glsa-200406-12.xml
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:074
http://www.lac.co.jp/security/csl/intelligence/SNSadvisory_e/74_e.html
XForce ISS Database: webmin-bypass-security(16333)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16333
Common Vulnerability Exposure (CVE) ID: CVE-2004-0583
BugTraq ID: 10523
http://www.securityfocus.com/bid/10523
Bugtraq: 20040611 [SNS Advisory No.75] Webmin/Usermin Account Lockout Bypass Vulnerability (Google Search)
http://marc.info/?l=bugtraq&m=108737059313829&w=2
http://www.gentoo.org/security/en/glsa/glsa-200406-15.xml
http://www.lac.co.jp/security/csl/intelligence/SNSadvisory_e/75_e.html
XForce ISS Database: webmin-username-password-dos(16334)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16334

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.54597
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200406-12 (webmin)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200406-12.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200406-12. Vulnerability Insight: Webmin contains two security vulnerabilities which could lead to a Denial of Service attack and information disclosure. Solution: All Webmin users should upgrade to the latest stable version: # emerge sync # emerge -pv '>=app-admin/app-admin/webmin-1.150' # emerge '>=app-admin/app-admin/webmin-1.150' CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0582 BugTraq ID: 10474 http://www.securityfocus.com/bid/10474 BugTraq ID: 10522 http://www.securityfocus.com/bid/10522 Bugtraq: 20040611 [SNS Advisory No.74] Webmin Access Control Rule Bypass Vulnerability (Google Search) http://marc.info/?l=bugtraq&m=108697184602191&w=2 Conectiva Linux advisory: CLA-2004:848 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000848 Debian Security Information: DSA-526 (Google Search) http://www.debian.org/security/2004/dsa-526 http://www.gentoo.org/security/en/glsa/glsa-200406-12.xml http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:074 http://www.lac.co.jp/security/csl/intelligence/SNSadvisory_e/74_e.html XForce ISS Database: webmin-bypass-security(16333) https://exchange.xforce.ibmcloud.com/vulnerabilities/16333 Common Vulnerability Exposure (CVE) ID: CVE-2004-0583 BugTraq ID: 10523 http://www.securityfocus.com/bid/10523 Bugtraq: 20040611 [SNS Advisory No.75] Webmin/Usermin Account Lockout Bypass Vulnerability (Google Search) http://marc.info/?l=bugtraq&m=108737059313829&w=2 http://www.gentoo.org/security/en/glsa/glsa-200406-15.xml http://www.lac.co.jp/security/csl/intelligence/SNSadvisory_e/75_e.html XForce ISS Database: webmin-username-password-dos(16334) https://exchange.xforce.ibmcloud.com/vulnerabilities/16334
Copyright	Copyright (C) 2008 E-Soft Inc.