PROBLEM:
Webmin Multiple Input Validation Vulnerabilities
PLATFORM:
The vulnerabilities are reported in version 1.580. Other versions may also be affected.
ABSTRACT:
An authenticated attacker may be able to execute arbitrary commands.
reference LINKS:
Webmin Security Alerts
Bugtraq ID: 55446
Secunia Advisory SA50512
SecurityTracker Alert ID: 1027507
US CERT Vulnerability Note VU#788478
CVE-2012-2981
CVE-2012-2982
CVE-2012-2983
IMPACT ASSESSMENT:
Medium
Discussion:
Multiple vulnerabilities have been reported in Webmin, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to disclose certain sensitive information.
1) Input passed via monitor type name is not properly sanitised in edit_mon.cgi and save_mon.cgi. This can be exploited to inject and execute arbitrary Perl code.
2) Input passed via the path info to show.cgi is not properly sanitised before being used in a "open()" function call. This can be exploited to inject and execute arbitrary shell commands.
3) Input passed via the "file" parameter to edit_html.cgi is not properly verified before being used to read files. This can be exploited to read arbitrary files from local resources.
Impact:
Remote authenticated users can execute arbitrary code and view arbitrary files.
Solution:
The vendor has issued a fix.
https://github.com/webmin/webmin/commit/ed7365064c189b8f136a9f952062249167d1bd9e
https://github.com/webmin/webmin/commit/1f1411fe7404ec3ac03e803cfa7e01515e71a213
https://github.com/webmin/webmin/commit/4cd7bad70e23e4e19be8ccf7b9f245445b2b3b80