1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
PublicDate: 2005-11-30
Candidate: CVE-2005-3912
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3912
Description:
Format string vulnerability in miniserv.pl Perl web server in Webmin before
1.250 and Usermin before 1.180, with syslog logging enabled, allows remote
attackers to cause a denial of service (crash or memory consumption) and
possibly execute arbitrary code via format string specifiers in the
username parameter to the login form, which is ultimately used in a syslog
call. NOTE: the code execution might be associated with an issue in Perl.
Ubuntu-Description:
Notes:
Bugs:
#sid_PKG:
#dapper_PKG:
#edgy_PKG:
#feisty_PKG:
#devel_PKG:
dapper_webmin: DNE
edgy_webmin: DNE
feisty_webmin: DNE
devel_webmin: DNE
upstream_webmin:
|