Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Webmin <= 1.580 Multiple Input-Validation Vulnerabilities (deprecated)

Medium

Synopsis

nThe remote web server is affected by multiple input-validation vulnerabilities

Description

The remote host is running a Webmin HTTP server.

Versions earlier than or equal to 1.580 are vulnerable to the following vulnerabilities :

- A command execution vulnerability affects the 'edit_mon.cgi' , 'saved_mon.cgi' and '/file/show.cgi' scripts. (CVE-2012-2981, CVE-2012-2982)

- A directory traversal vulnerability affects the 'file' parameter of the 'edit_html.cgi' script. (CVE-2012-2983)

Solution

Upgrade to version 1.590 or greater