Summary: | app-admin/webmin < 1.350 and usermin < 1.280 "pam_login.cgi" XSS (CVE-2007-3156) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Pierre-Yves Rofes (RETIRED) <py> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | armin76, beu, jesse |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://secunia.com/advisories/25580/ | ||
Whiteboard: | B4 [glsa] p-y | ||
Package list: | Runtime testing required: | --- |
Description
Pierre-Yves Rofes (RETIRED)
2007-06-09 08:25:35 UTC
Setting status and cc'ing maintainer. please advise and bump as necessary. *** Bug 180607 has been marked as a duplicate of this bug. *** beu's being retired... I'm adding armin76 to CC, since he did the last security bump. 1.350 in the tree Thanks Raul. Arches, please test and mark stable. Target keywords are: webmin-1.350.ebuild:KEYWORDS="alpha amd64 arm hppa ppc ppc64 s390 sh sparc x86" ppc64 stable Stable for HPPA. alpha/x86 stable ppc stable sparc stable. amd64 done I tend to vote YES. I tend to vote yes too. In order to stealth (and use) the victim's cookies, an attacker has to: - have access to the webmin interface (which i think is highly insecure) - bring the victim to a crafted, malicious URL. Usually i vote no, but given that a webmin credentials compromise is likely to lead to a complete system compromise, i will vote yes. I still think running webmin over internet is silly. usermin is certainly affected too, since the pam_login.cgi file is exactly the same one. (between vulnerable webmin-1.340 and usermin-1.270) Raul could you handle this (patch or bump as necessary), thanks in advance. app-admin/usermin-1.280 in the tree Thx Raul. Arches, please test and mark stable usermin-1.280. Target keywords are: usermin-1.280:KEYWORDS="alpha amd64 hppa ppc ppc64 sparc x86" hppa done. alpha/x86 stable amd64 done sparc stable. ppc64 stable ppc stable, ready for glsa voting. thanks Tobias, but we already voted previously :) (In reply to comment #24) > thanks Tobias, but we already voted previously :) > nevermind then :P GLSA 200707-05 |