CVE-2004-1468
CVSS7.5
发布时间 :2004-12-31 00:00:00
修订时间 :2008-09-05 16:41:28
NMCO    

[原文]The web mail functionality in Usermin 1.x and Webmin 1.x allows remote attackers to execute arbitrary commands via shell metacharacters in an e-mail message.


[CNNVD]Cisco Catalyst启用密码绕过漏洞(CNNVD-200412-1201)

        Usermin 1.x 和 Webmin 1.x版本中的网络邮件功能存在漏洞。远程攻击者可以通过电子邮件中的shell元字符来执行任意命令。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:webmin:webmin:1.1.50
cpe:/a:webmin:webmin:1.0.60
cpe:/a:webmin:webmin:1.1.00
cpe:/a:usermin:usermin:1.051
cpe:/a:webmin:webmin:1.0.70
cpe:/a:usermin:usermin:1.080
cpe:/a:webmin:webmin:1.0.50
cpe:/a:usermin:usermin:1.060
cpe:/a:webmin:webmin:1.0.00
cpe:/a:usermin:usermin:1.010
cpe:/a:webmin:webmin:1.1.21
cpe:/a:webmin:webmin:1.0.80
cpe:/a:usermin:usermin:1.000
cpe:/a:webmin:webmin:1.0.20
cpe:/a:usermin:usermin:1.040
cpe:/a:usermin:usermin:1.070
cpe:/a:webmin:webmin:1.1.30
cpe:/a:usermin:usermin:1.030
cpe:/a:usermin:usermin:1.020
cpe:/a:webmin:webmin:1.1.40
cpe:/a:webmin:webmin:1.1.10
cpe:/a:webmin:webmin:1.0.90

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1468
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-1468
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200412-1201
(官方数据源) CNNVD

- 其它链接及资源

http://www.securityfocus.com/bid/11122
(PATCH)  BID  1122
http://www.gentoo.org/security/en/glsa/glsa-200409-15.xml
(PATCH)  GENTOO  GLSA-200409-15
http://secunia.com/advisories/12488/
(PATCH)  SECUNIA  12488
http://xforce.iss.net/xforce/xfdb/17293
(UNKNOWN)  XF  usermin-web-mail-command-execution(17293)
http://www.lac.co.jp/security/csl/intelligence/SNSadvisory_e/77_e.html
(UNKNOWN)  MISC  http://www.lac.co.jp/security/csl/intelligence/SNSadvisory_e/77_e.html

- 漏洞信息

Cisco Catalyst启用密码绕过漏洞
高危 访问验证错误
2004-12-31 00:00:00 2005-10-20 00:00:00
远程※本地  
        Usermin 1.x 和 Webmin 1.x版本中的网络邮件功能存在漏洞。远程攻击者可以通过电子邮件中的shell元字符来执行任意命令。

- 公告与补丁

        The following information has been copied from the Cisco security advisory on this topic, the advisory itself is attached in the 'Credit' section of this vulnerability entry:
        Cisco is offering free software upgrades to remedy this vulnerability for all affected customers.
        Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained via the Software Center on Cisco's Worldwide Web site at:
        http://www.cisco.com.
         Customers without contracts should get their upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows:
        * +1 800 553 2447 (toll-free from within North America)
         * +1 408 526 7209 (toll call from anywhere in the world)
         * e-mail: tac@cisco.com
         Give the URL of this notice as evidence of your entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC. Please do not contact either "psirt@cisco.com" or "security-alert@cisco.com" for software upgrades.

- 漏洞信息

9776
Usermin HTML Mail Command Execution
Remote / Network Access Input Manipulation
Loss of Integrity
Exploit Unknown

- 漏洞描述

Usermin contains a flaw that may allow a malicious user to execute arbitrary OS commands. The issue is triggered when a user views a specially crafted HTML mail. It is possible that the flaw may allow an attacker to run OS commands as the Usermin user resulting in a loss of integrity.

- 时间线

2004-09-07 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 1.090 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站