漏洞信息详情
Webmin / Usermin安装不安全临时文件创建漏洞
- CNNVD编号:CNNVD-200410-043
- 危害等级: 低危
![图片[1]-Webmin / Usermin安装不安全临时文件创建漏洞-一一网](https://www.proyy.com/skycj/data/images/2021-05-26/fa6998ac850c38cb90c47a02e5a8652c.png)
- CVE编号:
CVE-2004-0559
- 漏洞类型:
访问验证错误
- 发布时间:
2004-10-20
- 威胁类型:
本地
- 更新时间:
2005-10-20
- 厂 商:
usermin - 漏洞来源:
The vendor announc… -
漏洞简介
Usermin 1.070版本及1.080版本中的maketemp.pl脚本存在漏洞。本地用户借助/tmp/.usermin目录的符号连接攻击在安装时覆盖任意文件。
漏洞公告
It is reported that Usermin version 1.090 and Webmin 1.160 are not affected by this issue.
Gentoo has released an advisory to address these issues. Please see the referenced advisory for more information. Gentoo users may carry out the following commands to update their computers:
Usermin:
emerge sync
emerge -pv “>=app-admin/usermin-1.090”
emerge “>=app-admin/usermin-1.090”
Webmin:
emerge sync
emerge -pv “>=app-admin/webmin-1.160”
emerge “>=app-admin/webmin-1.160”
Debian has released advisory DSA 544-1 along with fixes dealing with this issue. Please see the referenced advisory for more information.
Mandrake Linux has released advisory MDKSA-2004:101 along with fixes to address this issue. Please see the referenced advisory for further information.
Turbolinux has released advisory 20050207 [TURBOLINUX SECURITY INFO] 07/Feb/2005 to address various issues. Please see the referenced advisory for more information.
Webmin Webmin 1.0 00
-
Webmin webmin-1.160.tar.gz
http://prdownloads.sourceforge.net/webadmin/webmin-1.160.tar.gz
Usermin Usermin 1.0 10
-
Usermin usermin-1.090.tar.gz
http://freshmeat.net/redir/usermin/28573/url_tgz/usermin-1.090.tar.gz
Webmin Webmin 1.0 90
-
Webmin webmin-1.160.tar.gz
http://prdownloads.sourceforge.net/webadmin/webmin-1.160.tar.gz
Usermin Usermin 1.0 00
-
Usermin usermin-1.090.tar.gz
http://freshmeat.net/redir/usermin/28573/url_tgz/usermin-1.090.tar.gz
Usermin Usermin 1.0 30
-
Usermin usermin-1.090.tar.gz
http://freshmeat.net/redir/usermin/28573/url_tgz/usermin-1.090.tar.gz
Webmin Webmin 1.0 50
-
Webmin webmin-1.160.tar.gz
http://prdownloads.sourceforge.net/webadmin/webmin-1.160.tar.gz
Usermin Usermin 1.0 80
-
Usermin usermin-1.090.tar.gz
http://freshmeat.net/redir/usermin/28573/url_tgz/usermin-1.090.tar.gz
Webmin Webmin 1.0 80
-
Webmin webmin-1.160.tar.gz
http://prdownloads.sourceforge.net/webadmin/webmin-1.160.tar.gz
Usermin Usermin 1.0 51
-
Usermin usermin-1.090.tar.gz
http://freshmeat.net/redir/usermin/28573/url_tgz/usermin-1.090.tar.gz
Usermin Usermin 1.0 60
-
Usermin usermin-1.090.tar.gz
http://freshmeat.net/redir/usermin/28573/url_tgz/usermin-1.090.tar.gz
Usermin Usermin 1.0 40
-
Usermin usermin-1.090.tar.gz
http://freshmeat.net/redir/usermin/28573/url_tgz/usermin-1.090.tar.gz
Webmin Webmin 1.0 60
-
Webmin webmin-1.160.tar.gz
http://prdownloads.sourceforge.net/webadmin/webmin-1.160.tar.gz
Webmin Webmin 1.0 70
-
TurboLinux webmin-1.070-3.noarch.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/upd
ates/RPMS/webmin-1.070-3.noarch.rpm -
TurboLinux webmin-1.070-3.noarch.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/upd
ates/RPMS/webmin-1.070-3.noarch.rpm -
TurboLinux webmin-1.070-3.noarch.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/
8/updates/RPMS/webmin-1.070-3.noarch.rpm -
Webmin webmin-1.160.tar.gz
http://prdownloads.sourceforge.net/webadmin/webmin-1.160.tar.gz
Usermin Usermin 1.0 70
-
Usermin usermin-1.090.tar.gz
http://freshmeat.net/redir/usermin/28573/url_tgz/usermin-1.090.tar.gz
Webmin Webmin 1.0 20
-
Webmin webmin-1.160.tar.gz
http://prdownloads.sourceforge.net/webadmin/webmin-1.160.tar.gz
Usermin Usermin 1.0 20
-
Usermin usermin-1.090.tar.gz
http://freshmeat.net/redir/usermin/28573/url_tgz/usermin-1.090.tar.gz
Webmin Webmin 1.100
-
Sun 111401-04 (sun)
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21
-111401-04-1 -
Webmin webmin-1.160.tar.gz
http://prdownloads.sourceforge.net/webadmin/webmin-1.160.tar.gz
Webmin Webmin 1.110
-
Webmin webmin-1.160.tar.gz
http://prdownloads.sourceforge.net/webadmin/webmin-1.160.tar.gz
Webmin Webmin 1.121
-
Mandrake webmin-1.121-4.2.100mdk.noarch.rpmMandrake Linux 10.0 & 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php -
Webmin webmin-1.160.tar.gz
http://prdownloads.sourceforge.net/webadmin/webmin-1.160.tar.gz
Webmin Webmin 1.130
-
Webmin webmin-1.160.tar.gz
http://prdownloads.sourceforge.net/webadmin/webmin-1.160.tar.gz
Webmin Webmin 1.140
-
Webmin webmin-1.160.tar.gz
http://prdownloads.sourceforge.net/webadmin/webmin-1.160.tar.gz
Webmin Webmin 1.150
-
Webmin webmin-1.160.tar.gz
http://prdownloads.sourceforge.net/webadmin/webmin-1.160.tar.gz
参考网址
来源: XF
名称: usermin-installation-unspecified(17299)
链接:http://xforce.iss.net/xforce/xfdb/17299
来源: BID
名称: 11153
链接:http://www.securityfocus.com/bid/11153
来源: GENTOO
名称: GLSA-200409-15
链接:http://www.gentoo.org/security/en/glsa/glsa-200409-15.xml
来源: SECUNIA
名称: 12488
链接:http://secunia.com/advisories/12488/
来源: www.webmin.com
链接:http://www.webmin.com/uchanges-1.089.html
![[桜井宁宁]COS和泉纱雾超可爱写真福利集-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/4d3cf227a85d7e79f5d6b4efb6bde3e8.jpg)
![[桜井宁宁] 爆乳奶牛少女cos写真-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/d40483e126fcf567894e89c65eaca655.jpg)
