Nom du paquet
webmin
Date
2007-06-23
Advisory ID
MDKSA-2007:135
Affected versions
2007.0 x86_64 , 2007.1 i586 , 2007.0 i586 , CS4.0 i586 , CS4.0 x86_64 , 2007.1 x86_64

Problem description

Multiple cross-site scripting (XSS) vulnerabilities were discovered
in pam_login.cgi in webmin prior to version 1.350, which could allow
a remote attacker to inject arbitrary web script or HTML.

Updated packages have been patched to prevent this issue.

Updated packages

2007.0 x86_64

 b8981f770501be8eccacb49eef5ed40d  2007.0/x86_64/webmin-1.290-4.4mdv2007.0.noarch.rpm 
 0247107019e5b014d1931d1bc9efbc8a  2007.0/SRPMS/webmin-1.290-4.4mdv2007.0.src.rpm

2007.1 i586

 143e2320e03544c7a40d11c6e0aacaa6  2007.1/i586/webmin-1.320-1.1mdv2007.1.noarch.rpm 
 15e22c891aed715223d5d655c2076691  2007.1/SRPMS/webmin-1.320-1.1mdv2007.1.src.rpm

2007.0 i586

 b8981f770501be8eccacb49eef5ed40d  2007.0/i586/webmin-1.290-4.4mdv2007.0.noarch.rpm 
 0247107019e5b014d1931d1bc9efbc8a  2007.0/SRPMS/webmin-1.290-4.4mdv2007.0.src.rpm

CS4.0 i586

 b84091c9b3a44dd5dcf7e1945661bfb4  corporate/4.0/i586/webmin-1.220-9.8.20060mlcs4.noarch.rpm 
 5715885df4fcddade5de4b0fdddcaa32  corporate/4.0/SRPMS/webmin-1.220-9.8.20060mlcs4.src.rpm

CS4.0 x86_64

 b84091c9b3a44dd5dcf7e1945661bfb4  corporate/4.0/x86_64/webmin-1.220-9.8.20060mlcs4.noarch.rpm 
 5715885df4fcddade5de4b0fdddcaa32  corporate/4.0/SRPMS/webmin-1.220-9.8.20060mlcs4.src.rpm

2007.1 x86_64

 143e2320e03544c7a40d11c6e0aacaa6  2007.1/x86_64/webmin-1.320-1.1mdv2007.1.noarch.rpm 
 15e22c891aed715223d5d655c2076691  2007.1/SRPMS/webmin-1.320-1.1mdv2007.1.src.rpm

References