|
|
CVE Reference: CVE-2006-4246 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-4246 |
|
|
Description: Usermin before 1.220 (20060629) allows remote attackers to read arbitrary files, possibly related to chfn/save.cgi not properly handling an empty shell parameter, which results in changing root's shell instead of the shell of a specified user. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/29010 SAID Secunia Advisory: SA21968 Secunia Advisory: SA21981 MISC http://www.osreviews.net/reviews/admin/usermin DEBIAN http://www.debian.org/security/2006/dsa-1177 CONFIRM http://www.webmin.com/uchanges.html http://sourceforge.net/tracker/index.php?func=detail&aid=1509145&group_id=17457&atid=485894 BID 18574 |
|
| Return to the previous page. |
