Conectiva Local Security Checks : Conectiva Security Advisory CLA-2004:848

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.51350

Categoría: Conectiva Local Security Checks

Título: Conectiva Security Advisory CLA-2004:848

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory CLA-2004:848.

Webmin[1] is an often used web-based administration interface for
Unix systems.

Keigo Yamazaki reported[2] a vulnerability[3] in webmin that would
allow unauthenticated users to obtain read access to a module's
configuration.

Solution:
The apt tool can be used to perform RPM package upgrades
by running 'apt-get update' followed by 'apt-get upgrade'

http://www.webmin.com/
http://www.lac.co.jp/security/csl/intelligence/SNSadvisory_e/74_e.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0582
http://www.securityspace.com/smysecure/catid.html?in=CLA-2004:848
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002004

Risk factor : Medium

CVSS Score:
5.0

Referencia Cruzada: BugTraq ID: 10522
BugTraq ID: 10474
Common Vulnerability Exposure (CVE) ID: CVE-2004-0582
http://www.securityfocus.com/bid/10474
http://www.securityfocus.com/bid/10522
Bugtraq: 20040611 [SNS Advisory No.74] Webmin Access Control Rule Bypass Vulnerability (Google Search)
http://marc.info/?l=bugtraq&m=108697184602191&w=2
Conectiva Linux advisory: CLA-2004:848
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000848
Debian Security Information: DSA-526 (Google Search)
http://www.debian.org/security/2004/dsa-526
http://www.gentoo.org/security/en/glsa/glsa-200406-12.xml
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:074
http://www.lac.co.jp/security/csl/intelligence/SNSadvisory_e/74_e.html
XForce ISS Database: webmin-bypass-security(16333)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16333

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.51350
Categoría:	Conectiva Local Security Checks
Título:	Conectiva Security Advisory CLA-2004:848
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory CLA-2004:848. Webmin[1] is an often used web-based administration interface for Unix systems. Keigo Yamazaki reported[2] a vulnerability[3] in webmin that would allow unauthenticated users to obtain read access to a module's configuration. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://www.webmin.com/ http://www.lac.co.jp/security/csl/intelligence/SNSadvisory_e/74_e.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0582 http://www.securityspace.com/smysecure/catid.html?in=CLA-2004:848 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002004 Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	BugTraq ID: 10522 BugTraq ID: 10474 Common Vulnerability Exposure (CVE) ID: CVE-2004-0582 http://www.securityfocus.com/bid/10474 http://www.securityfocus.com/bid/10522 Bugtraq: 20040611 [SNS Advisory No.74] Webmin Access Control Rule Bypass Vulnerability (Google Search) http://marc.info/?l=bugtraq&m=108697184602191&w=2 Conectiva Linux advisory: CLA-2004:848 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000848 Debian Security Information: DSA-526 (Google Search) http://www.debian.org/security/2004/dsa-526 http://www.gentoo.org/security/en/glsa/glsa-200406-12.xml http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:074 http://www.lac.co.jp/security/csl/intelligence/SNSadvisory_e/74_e.html XForce ISS Database: webmin-bypass-security(16333) https://exchange.xforce.ibmcloud.com/vulnerabilities/16333
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com