[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] re: webmin remote format string bug

This is exploitable - Immunity has a PoC exploit in our Partner's section written by Bas Alberts.

Thanks,
Dave Aitel
Immunity, Inc.


craig@xxxxxxxxxx wrote: 
Hello!
I succeeded in crashing webmin 1.230 with:

username %n
password aaaa

after klicking 4 times on "Login" webmin was dead.
There were no logs at all, and no error was shown in the web interface...
Any idea if it's really exploitable (executing code I mean)? Is anyone working 
on a POC?

giarc@xxxxxxxxx






_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/