FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  517944
Date:      2019-11-19
Time:      08:25:04Z
Committer: joneum

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
ece65d3b-c20c-11e9-8af4-bcaec55be5e5webmin -- unauthenticated remote code execution

Joe Cooper reports:

I've rolled out Webmin version 1.930 and Usermin version 1.780 for all repositories. This release includes several security fixes, including one potentially serious one caused by malicious code inserted into Webmin and Usermin at some point on our build infrastructure. We're still investigating how and when, but the exploitable code has never existed in our github repositories, so we've rebuilt from git source on new infrastructure (and checked to be sure the result does not contain the malicious code).

I don't have a changelog for these releases yet, but I wanted to announce them immediately due to the severity of this issue. To exploit the malicious code, your Webmin installation must have Webmin -> Webmin Configuration -> Authentication -> Password expiry policy set to Prompt users with expired passwords to enter a new one. This option is not set by default, but if it is set, it allows remote code execution.

This release addresses CVE-2019-15107, which was disclosed earlier today. It also addresses a handful of XSS issues that we were notified about, and a bounty was awarded to the researcher (a different one) who found them.


Discovery 2019-08-17
Entry 2019-08-17
webmin
lt 1.930

usermin
lt 1.780

https://virtualmin.com/node/66890
CVE-2019-15107
227475c2-09cb-11db-9156-000e0c2e438awebmin, usermin -- arbitrary file disclosure vulnerability

The webmin development team reports:

An attacker without a login to Webmin can read the contents of any file on the server using a specially crafted URL. All users should upgrade to version 1.290 as soon as possible, or setup IP access control in Webmin.


Discovery 2006-06-30
Entry 2006-07-02
webmin
lt 1.290

usermin
lt 1.220

18744
http://www.webmin.com/security.html
bb33981a-7ac6-11da-bf72-00123f589060perl, webmin, usermin -- perl format string integer wrap vulnerability

The Perl Development page reports:

Dyad Security recently released a security advisory explaining how in certain cases, a carefully crafted format string passed to sprintf can cause a buffer overflow. This buffer overflow can then be used by an attacker to execute code on the machine. This was discovered in the context of a design problem with the Webmin administration package that allowed a malicious user to pass unchecked data into sprintf.


Discovery 2005-09-23
Entry 2006-02-15
perl
ge 5.6.0 lt 5.6.2

ge 5.8.0 lt 5.8.7_1

webmin
lt 1.250

usermin
lt 1.180

15629
CVE-2005-3912
CVE-2005-3962
http://dev.perl.org/perl5/news/2005/perl_patches_fix_sprintf_buffer.html
http://www.dyadsecurity.com/perl-0002.html
http://www.dyadsecurity.com/webmin-0001.html
http://www.webmin.com/security.html
bb33981a-7ac6-11da-bf72-00123f589060perl, webmin, usermin -- perl format string integer wrap vulnerability

The Perl Development page reports:

Dyad Security recently released a security advisory explaining how in certain cases, a carefully crafted format string passed to sprintf can cause a buffer overflow. This buffer overflow can then be used by an attacker to execute code on the machine. This was discovered in the context of a design problem with the Webmin administration package that allowed a malicious user to pass unchecked data into sprintf.


Discovery 2005-09-23
Entry 2006-02-15
perl
ge 5.6.0 lt 5.6.2

ge 5.8.0 lt 5.8.7_1

webmin
lt 1.250

usermin
lt 1.180

15629
CVE-2005-3912
CVE-2005-3962
http://dev.perl.org/perl5/news/2005/perl_patches_fix_sprintf_buffer.html
http://www.dyadsecurity.com/perl-0002.html
http://www.dyadsecurity.com/webmin-0001.html
http://www.webmin.com/security.html
227475c2-09cb-11db-9156-000e0c2e438awebmin, usermin -- arbitrary file disclosure vulnerability

The webmin development team reports:

An attacker without a login to Webmin can read the contents of any file on the server using a specially crafted URL. All users should upgrade to version 1.290 as soon as possible, or setup IP access control in Webmin.


Discovery 2006-06-30
Entry 2006-07-02
webmin
lt 1.290

usermin
lt 1.220

18744
http://www.webmin.com/security.html