Full Disclosure mailing list archives

Re: Webmin miniserv.pl format string vulnerability

From: Bernhard Mueller <research () sec-consult com>
Date: Tue, 29 Nov 2005 19:26:39 +0100

As it says on http://www.dyadsecurity.com/s_advisory.html:

PUBLISHED ADVISORIES.
Webmin
Date Found:     September 23, 2005.
Public Release:         November 29, 2005.
Application:    webmin miniserv.pl, all known versions
Details:        Webmin 0001 Advisory

UPCOMING ADVISORIES.
Perl
Description:    Cross platform programming language.
Affected:       To be announced.
Release Date:   To be announced.


I guess we can expect some kind of "code execution thru perl sprintf"
advisory.


advisory () dyadsecurity com wrote:

SUMMARY.  The webmin `miniserv.pl' web server component is vulnerable to
a new class of exploitable (remote code) perl format string
vulnerabilities. During the login process it is possible to trigger this
(...)

A generic remote code execution exploit method has been developed by a
third party that is reachable though this hole itself.



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Webmin miniserv.pl format string vulnerability advisory (Nov 29)
- Message not available
  - Re: Webmin miniserv.pl format string vulnerability Jack (Nov 29)
- Re: Webmin miniserv.pl format string vulnerability H D Moore (Nov 29)
- Re: Webmin miniserv.pl format string vulnerability Bernhard Mueller (Nov 29)