CVE-2006-3392 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-3392
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-3392

Description: Webmin before 1.290 and Usermin before 1.220 calls the simplify_path function before decoding HTML, which allows remote attackers to read arbitrary files, as demonstrated using "..%01" sequences, which bypass the removal of "../" sequences before bytes such as "%01" are removed from the filename. NOTE: This is a different issue than CVE-2006-3274.

CVE Status: Candidate

References: VIM http://attrition.org/pipermail/vim/2006-July/000923.html http://attrition.org/pipermail/vim/2006-June/000912.html SAID Secunia Advisory: SA20892 Secunia Advisory: SA21105 Secunia Advisory: SA21365 Secunia Advisory: SA22556 OSVDB 26772 MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:125 GENTOO http://security.gentoo.org/glsa/glsa-200608-11.xml DEBIAN http://www.debian.org/security/2006/dsa-1199 CONFIRM http://www.webmin.com/changes.html CERT-VN 999601 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/440125/100/0/threaded http://www.securityfocus.com/archive/1/440466/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/440493/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/439653/100/0/threaded BID 18744

Return to the previous page.