Published: 05/09/2006 Updated: 20/07/2017

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Webmin prior to 1.296 and Usermin prior to 1.226 do not properly handle a URL with a null ("%00") character, which allows remote malicious users to conduct cross-site scripting (XSS), read CGI program source code, list directories, and possibly execute programs.

Vulnerable Product	Search on Vulmon	Subscribe to Product
usermin usermin 0.7
usermin usermin 0.4
usermin usermin 0.92
usermin usermin 0.93
usermin usermin 0.94
usermin usermin 1.010
usermin usermin 1.020
usermin usermin 1.090
usermin usermin 1.100
webmin webmin 0.1
webmin webmin 0.2
webmin webmin 0.21
webmin webmin 0.5
webmin webmin 0.51
webmin webmin 0.80
webmin webmin 0.83
webmin webmin 0.93
webmin webmin 0.94
webmin webmin 1.0.10
webmin webmin 1.0.20
webmin webmin 1.0.80
webmin webmin 1.0.90
usermin usermin 0.8
usermin usermin 0.97
usermin usermin 0.98
usermin usermin 1.051
usermin usermin 1.060
usermin usermin 1.130
usermin usermin 1.140
webmin webmin 0.31
webmin webmin 0.4
webmin webmin 0.76
webmin webmin 0.77
webmin webmin 0.88
webmin webmin 0.90
webmin webmin 0.97
webmin webmin 0.98
webmin webmin 1.0.50
webmin webmin 1.0.51
webmin webmin 1.1.20
webmin webmin 1.1.21
webmin webmin 1.1.30
webmin webmin 1.2.60
webmin webmin 1.2.70
usermin usermin 0.9
usermin usermin 0.91
usermin usermin 0.99
usermin usermin 1.000
usermin usermin 1.070
usermin usermin 1.080
usermin usermin 1.150
usermin usermin 1.210
webmin webmin 0.41
webmin webmin 0.42
webmin webmin 0.78
webmin webmin 0.79
webmin webmin 0.91
webmin webmin 0.92
webmin webmin 0.92.1
webmin webmin 0.99
webmin webmin 1.0.00
webmin webmin 1.0.60
webmin webmin 1.0.70
webmin webmin 1.1.40
webmin webmin 1.1.50
webmin webmin 1.2.80
usermin usermin
webmin webmin 1.2.20
webmin webmin 1.2.30
webmin webmin
usermin usermin 0.5
usermin usermin 0.6
usermin usermin 0.95
usermin usermin 0.96
usermin usermin 1.030
usermin usermin 1.040
usermin usermin 1.110
usermin usermin 1.120
webmin webmin 0.22
webmin webmin 0.3
webmin webmin 0.6
webmin webmin 0.7
webmin webmin 0.84
webmin webmin 0.85
webmin webmin 0.95
webmin webmin 0.96
webmin webmin 1.0.30
webmin webmin 1.0.40
webmin webmin 1.1.00
webmin webmin 1.1.10
webmin webmin 1.2.40
webmin webmin 1.2.50

Several vulnerabilities have been identified in webmin, a web-based administration toolkit The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CVE-2005-3912 A format string vulnerability in miniservpl could allow an attacker to cause a denial of service by crashing the application or exhausting system re ...

CWE-79 http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/89_e.html http://jvn.jp/jp/JVN%2399776858/index.html http://webmin.com/security.html http://secunia.com/advisories/21690 http://securitytracker.com/id?1016776 http://securitytracker.com/id?1016777 http://www.securityfocus.com/bid/19820 http://secunia.com/advisories/22087 http://secunia.com/advisories/22114 http://www.debian.org/security/2006/dsa-1199 http://secunia.com/advisories/22556 http://www.osvdb.org/28337 http://www.osvdb.org/28338 http://www.mandriva.com/security/advisories?name=MDKSA-2006:170 http://www.vupen.com/english/advisories/2006/3424 https://exchange.xforce.ibmcloud.com/vulnerabilities/28699 https://nvd.nist.gov https://www.debian.org/security/./dsa-1199

Get Started

CVE-2006-4542

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect