This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.
The remote Mandrake Linux host is missing a security update.
A vulnerability was discovered in webmin by Cintia M. Imanishi, in the
miniserv.pl program, which is the core server of webmin. This
vulnerability allows an attacker to spoof a session ID by including
special metacharacters in the BASE64 encoding string used during the
authentication process. This could allow an attacker to gain full
administrative access to webmin.
MandrakeSoft encourages all users to upgrade immediately.
See also :
Update the affected webmin package.
Risk factor :
Critical / CVSS Base Score : 10.0