Remote Code Execution Vulnerability in Webmin by Vintage Web Technologies
CVE-2012-2981

Currently unrated

Key Information:

Vendor: Gentoo
Status: Webmin
Vendor: CVE Published:; 11 September 2012

What is CVE-2012-2981?

A flaw in Webmin versions up to 1.590 allows authenticated remote users to execute arbitrary Perl code by uploading a specially crafted file linked to the monitor type name parameter. This vulnerability can be exploited if an attacker has valid credentials, enabling potential unauthorized access to sensitive systems and data. Appropriate security measures should be taken to mitigate this risk.

References

http://www.americaninfosec.com/research/dossiers/AISG-12-...

x_refsource_MISC

http://www.kb.cert.org/vuls/id/788478

third-party-advisoryx_refsource_CERT-VN

http://www.securitytracker.com/id?1027507

vdb-entryx_refsource_SECTRACK

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 11, 2012
Vulnerability Reserved
May 30, 2012

Gentoo

What is CVE-2012-2981?

References

Timeline