Mandrake Linux Security Advisory : webmin (MDKSA-2002:033)

This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing one or more security
updates.

Description :

A vulnerability exists in all versions of Webmin prior to 0.970 that
allows a remote attacker to login to Webmin as any user. All users of
Webmin are encouraged to upgrade immediately.

Users of Mandrake Linux 8.0 and earlier will need to install some
additional perl modules for this new version of webmin to work
correctly.

See also :

http://www.geocrawler.com/lists/3/SourceForge/12082/0/8595354/

Solution :

Update the affected perl-Authen-PAM, perl-Net_SSLeay and / or webmin
packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Mandriva Local Security Checks

Nessus Plugin ID: 13939 (mandrake_MDKSA-2002-033.nasl)

Bugtraq ID:

CVE ID: CVE-2002-0757

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now