Support / Security / Advisories / Mandrakelinux 8.2 / MDKSA-2003:025

Package name: webmin
Date: 2003-02-26
Advisory ID: MDKSA-2003:025
Affected versions: 8.1 i586 , SNF7.2 i586 , 8.1 i586 , 8.0 i586 , 9.0 i586 , 8.2 i586 , 8.0 i586 , 8.2 i586 , 7.2 i586

Problem description

A vulnerability was discovered in webmin by Cintia M. Imanishi, in the miniserv.pl program, which is the core server of webmin. This vulnerability allows an attacker to spoof a session ID by including special metacharacters in the BASE64 encoding string used during the authentication process. This could allow an attacker to gain full administrative access to webmin. MandrakeSoft encourages all users to upgrade immediately.

Updated packages

8.1 i586

 85e21a0044eadb0c4fcc7154490904d2  ia64/8.1/RPMS/webmin-0.970-2.3mdk.noarch.rpm
bd072335c255b99babe2820da0f40895  ia64/8.1/SRPMS/webmin-0.970-2.3mdk.src.rpm

SNF7.2 i586

 0ee3a9b29088dab06b211f8137ead0f4  snf7.2/RPMS/webmin-0.970-2.1mdk.noarch.rpm
70c12cf5f873867e48097867ba4d7511  snf7.2/SRPMS/webmin-0.970-2.1mdk.src.rpm

8.1 i586

 c54d6a04c43babd622352dc154c11cf1  8.1/RPMS/webmin-0.970-2.3mdk.noarch.rpm
bd072335c255b99babe2820da0f40895  8.1/SRPMS/webmin-0.970-2.3mdk.src.rpm

8.0 i586

 1942eff82c6e3d6307f1ed3effcd8445  8.0/RPMS/webmin-0.970-2.2mdk.noarch.rpm
fd6e16fb437508d292a08f1b8e3f4395  8.0/SRPMS/webmin-0.970-2.2mdk.src.rpm

9.0 i586

 78ef5e7e090ed425adafb1bcd044a6d3  9.0/RPMS/webmin-0.990-6.1mdk.noarch.rpm
4c1ec7e6fbca1226856a325ec0d35de3  9.0/SRPMS/webmin-0.990-6.1mdk.src.rpm

8.2 i586

 f539ce86d0abc4dc722ef80d1f44b041  8.2/RPMS/webmin-0.970-2.3mdk.noarch.rpm
bd072335c255b99babe2820da0f40895  8.2/SRPMS/webmin-0.970-2.3mdk.src.rpm

8.0 i586

 ac36fd178467656f52737465aa7064c0  ppc/8.0/RPMS/webmin-0.970-2.2mdk.noarch.rpm
fd6e16fb437508d292a08f1b8e3f4395  ppc/8.0/SRPMS/webmin-0.970-2.2mdk.src.rpm

8.2 i586

 a37bc31328fa2a6cad1160db622b8006  ppc/8.2/RPMS/webmin-0.970-2.3mdk.noarch.rpm
bd072335c255b99babe2820da0f40895  ppc/8.2/SRPMS/webmin-0.970-2.3mdk.src.rpm

7.2 i586

 0ee3a9b29088dab06b211f8137ead0f4  7.2/RPMS/webmin-0.970-2.1mdk.noarch.rpm
70c12cf5f873867e48097867ba4d7511  7.2/SRPMS/webmin-0.970-2.1mdk.src.rpm

MDKSA-2003:025

Problem description

Updated packages

8.1 i586

SNF7.2 i586

8.1 i586

8.0 i586

9.0 i586

8.2 i586

8.0 i586

8.2 i586

7.2 i586

References