- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200512-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Webmin, Usermin: Format string vulnerability Date: December 07, 2005 Bugs: #113888 ID: 200512-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Webmin and Usermin are vulnerable to a format string vulnerability which may lead to the execution of arbitrary code. Background ========== Webmin is a web-based interface for Unix-like systems. Usermin is a simplified version of Webmin designed for use by normal users rather than system administrators. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-admin/webmin < 1.250 >= 1.250 2 app-admin/usermin < 1.180 >= 1.180 ------------------------------------------------------------------- 2 affected packages on all of their supported architectures. ------------------------------------------------------------------- Description =========== Jack Louis discovered that the Webmin and Usermin "miniserv.pl" web server component is vulnerable to a Perl format string vulnerability. Login with the supplied username is logged via the Perl "syslog" facility in an unsafe manner. Impact ====== A remote attacker can trigger this vulnerability via a specially crafted username containing format string data. This can be exploited to consume a large amount of CPU and memory resources on a vulnerable system, and possibly to execute arbitrary code of the attacker's choice with the permissions of the user running Webmin. Workaround ========== There is no known workaround at this time. Resolution ========== All Webmin users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-admin/webmin-1.250" All Usermin users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-admin/usermin-1.180" References ========== [ 1 ] CVE-2005-3912 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3912 [ 2 ] Dyad Security Advisory http://www.dyadsecurity.com/webmin-0001.html Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200512-02.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@xxxxxxxxxx or alternatively, you may file a bug at http://bugs.gentoo.org. License ======= Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.0
Attachment:
pgpXtIbpS6p32.pgp
Description: PGP signature