Test Kennung:	1.3.6.1.4.1.25623.1.0.11280
Kategorie:	Gain root remotely
Titel:	Usermin Session ID Spoofing
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote server is running a version of Usermin which is vulnerable to Session ID spoofing. An attacker may use this flaw to log in as root on this host, and basically gain full control on it Solution : upgrade to usermin 1.000 Risk factor : High
Querverweis:	BugTraq ID: 6915 Common Vulnerability Exposure (CVE) ID: CVE-2003-0101 http://www.securityfocus.com/bid/6915 Bugtraq: 20030224 GLSA: usermin (200302-14) (Google Search) http://marc.info/?l=bugtraq&m=104610336226274&w=2 Bugtraq: 20030224 Webmin 1.050 - 1.060 remote exploit (Google Search) http://marc.info/?l=bugtraq&m=104610245624895&w=2 Bugtraq: 20030224 [SNS Advisory No.62] Webmin/Usermin Session ID Spoofing Vulnerability "Episode 2" (Google Search) http://marc.info/?l=bugtraq&m=104610300325629&w=2 Computer Incident Advisory Center Bulletin: N-058 http://www.ciac.org/ciac/bulletins/n-058.shtml Debian Security Information: DSA-319 (Google Search) http://www.debian.org/security/2003/dsa-319 En Garde Linux Advisory: ESA-20030225-006 http://archives.neohapsis.com/archives/linux/engarde/2003-q1/0008.html HPdes Security Advisory: HPSBUX0303-250 http://archives.neohapsis.com/archives/hp/2003-q1/0063.html http://www.mandriva.com/security/advisories?name=MDKSA-2003:025 http://www.lac.co.jp/security/english/snsadv_e/62_e.html http://www.securitytracker.com/id?1006160 http://secunia.com/advisories/8115 http://secunia.com/advisories/8163 SGI Security Advisory: 20030602-01-I ftp://patches.sgi.com/support/free/security/advisories/20030602-01-I http://www.iss.net/security_center/static/11390.php
Copyright	This script is Copyright (C) 2003 Renaud Deraison

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.