Intrusion Prevention

Webmin.And.Usermin.Information.Disclosure

Description

Webmin and Usermin are prone to an unspecified information-disclosure vulnerability. This issue is due to a failure in the applications to properly sanitize user-supplied input.
An attacker can exploit this issue to retrieve potentially sensitive information.

Affected Products

Webmin before 1.290
Usermin before 1.220

Impact

Sensitive information disclosure

Recommended Actions

The vendor has released Usermin 1.220 and Webmin 1.290 to address this issue.

CVE References

CVE-2006-3392