The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink attack on the /tmp/.usermin directory.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
usermin usermin 1.060 |
||
usermin usermin 1.070 |
||
webmin webmin 1.0.80 |
||
webmin webmin 1.0.90 |
||
usermin usermin 1.020 |
||
usermin usermin 1.030 |
||
webmin webmin 1.0.20 |
||
webmin webmin 1.0.50 |
||
webmin webmin 1.1.21 |
||
webmin webmin 1.1.30 |
||
usermin usermin 1.000 |
||
usermin usermin 1.010 |
||
usermin usermin 1.080 |
||
webmin webmin 1.0.00 |
||
webmin webmin 1.1.00 |
||
webmin webmin 1.1.10 |
||
usermin usermin 1.040 |
||
usermin usermin 1.051 |
||
webmin webmin 1.0.60 |
||
webmin webmin 1.0.70 |
||
webmin webmin 1.1.40 |
||
webmin webmin 1.1.50 |
||
mandrakesoft mandrake linux 10.0 |
||
mandrakesoft mandrake linux corporate server 2.1 |
||
mandrakesoft mandrake linux 9.2 |