Your message dated Sat, 17 Feb 2007 12:10:32 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#341394: fixed in webmin 1.180-3sarge1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: Webmin
Version: 1.180-3
Severity: grave
Tags: security
The webmin `miniserv.pl' web server component is vulnerable to a new class of
exploitable (remote code) perl format string vulnerabilities. During the login
process it is possible to trigger this vulnerability via a crafted username
parameter containing format string data. In the observed configuration the
process was running as the user root, so if remote code execution is
successful, it would lead to a full remote root compromise in a standard
configuration. A valid login is not required to trigger this vulnerability,
only access to the miniserv.pl port (default 10000).
Date Found: September 23, 2005.
Public Release: November 29, 2005.
Application: webmin miniserv.pl, *all versions below 1.250*
Credit: Jack Louis of Dyad Security
More information available at:
http://www.dyadsecurity.com/webmin-0001.html
There are new fixed versions available at http://www.webmin.com/
http://www.webmin.com/security.html says:
Perl syslog bug attack
Effects Webmin versions below 1.250 and Usermin versions below 1.180, with
syslog logging enabled.
When logging of failing login attempts via syslog is enabled, an attacker can
crash and possibly take over the Webmin webserver, due to a bug in Perl's
syslog function. Upgrading to the latest release of Webmin is recommended.
Thanks to Jack at Dyad Security for reporting this problem to me.
Since this is my first bug report to Debian I hope everything is correct..
I don't know if it is necessary to post this bug for other versions and
usermin as well. Thanks in advance!
Andreas
--- End Message ---
--- Begin Message ---
Source: webmin
Source-Version: 1.180-3sarge1
We believe that the bug you reported is fixed in the latest version of
webmin, which is due to be installed in the Debian FTP archive:
webmin-core_1.180-3sarge1_all.deb
to pool/main/w/webmin/webmin-core_1.180-3sarge1_all.deb
webmin_1.180-3sarge1.diff.gz
to pool/main/w/webmin/webmin_1.180-3sarge1.diff.gz
webmin_1.180-3sarge1.dsc
to pool/main/w/webmin/webmin_1.180-3sarge1.dsc
webmin_1.180-3sarge1_all.deb
to pool/main/w/webmin/webmin_1.180-3sarge1_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Noah Meyerhans <[EMAIL PROTECTED]> (supplier of updated webmin package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 23 Oct 2006 17:16:10 -0400
Source: webmin
Binary: webmin-core webmin
Architecture: source all
Version: 1.180-3sarge1
Distribution: stable-security
Urgency: high
Maintainer: [EMAIL PROTECTED]
Changed-By: Noah Meyerhans <[EMAIL PROTECTED]>
Description:
webmin - web-based administration toolkit
webmin-core - core modules for webmin
Closes: 341394
Changes:
webmin (1.180-3sarge1) stable-security; urgency=high
.
* Non-maintainer upload by the security team.
* CVE-2005-3912 Fix syslog format string vulnerability in
miniserv.pl (Closes: #341394) This string vulnerability could be used
to gain access to the account running miniserv.pl by creating a
specialy crafted username.
* CVE-2006-3392 Fix input sanitization bug that could be exploited to allow
an attacker to read arbitrary files.
* CVE-2006-4542 Fix cross-site scripting vulnerability caused by the failure
to properly cope with null characters in a URL.
Files:
5e723deaccb3db60794e0cb385666992 703 admin optional webmin_1.180-3sarge1.dsc
f8fe363e7ccd8fe4072d84cd86a3510e 31458 admin optional
webmin_1.180-3sarge1.diff.gz
ff19d5500955302455e517cb2942c9d0 2261496 admin optional
webmin_1.180.orig.tar.gz
34d96210d581dde8ffea7be82e0897f4 1097552 admin optional
webmin_1.180-3sarge1_all.deb
8fa7064325ded44e7f8dbd226b81d9dd 1121200 admin optional
webmin-core_1.180-3sarge1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFFPTqHYrVLjBFATsMRAjF5AJ9H5lDX9KqEMN7pWuc42/vsdYX7KwCcDyMC
CGUk1l4/6+7QEahXHSICc0M=
=gkIR
-----END PGP SIGNATURE-----
--- End Message ---
