Some vulnerabilities have been reported in Webmin, which can be exploited by malicious people to conduct cross-site scripting attacks.
Input passed to unspecified parameters in pam_login.cgi is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
The vulnerabilities are reported in version 1.340. Prior versions may also be affected.
Update to version 1.350.
Provided and/or discovered by:
Reported by the vendor.
Setting status and cc'ing maintainer. please advise and bump as necessary.
*** Bug 180607 has been marked as a duplicate of this bug. ***
beu's being retired... I'm adding armin76 to CC, since he did the last security bump.
1.350 in the tree
Arches, please test and mark stable. Target keywords are:
webmin-1.350.ebuild:KEYWORDS="alpha amd64 arm hppa ppc ppc64 s390 sh sparc x86"
Stable for HPPA.
I tend to vote YES.
I tend to vote yes too.
In order to stealth (and use) the victim's cookies, an attacker has to:
- have access to the webmin interface (which i think is highly insecure)
- bring the victim to a crafted, malicious URL.
Usually i vote no, but given that a webmin credentials compromise is likely to lead to a complete system compromise, i will vote yes. I still think running webmin over internet is silly.
usermin is certainly affected too, since the pam_login.cgi file is exactly the same one.
(between vulnerable webmin-1.340 and usermin-1.270)
Raul could you handle this (patch or bump as necessary), thanks in advance.
app-admin/usermin-1.280 in the tree
Arches, please test and mark stable usermin-1.280. Target keywords are:
usermin-1.280:KEYWORDS="alpha amd64 hppa ppc ppc64 sparc x86"
ppc stable, ready for glsa voting.
thanks Tobias, but we already voted previously :)
(In reply to comment #24)
> thanks Tobias, but we already voted previously :)
nevermind then :P