FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

perl, webmin, usermin -- perl format string integer wrap vulnerability

Affected packages
5.6.0 <= perl < 5.6.2
5.8.0 <= perl < 5.8.7_1
webmin < 1.250
usermin < 1.180

Details

VuXML ID bb33981a-7ac6-11da-bf72-00123f589060
Discovery 2005-09-23
Entry 2006-02-15

The Perl Development page reports:

Dyad Security recently released a security advisory explaining how in certain cases, a carefully crafted format string passed to sprintf can cause a buffer overflow. This buffer overflow can then be used by an attacker to execute code on the machine. This was discovered in the context of a design problem with the Webmin administration package that allowed a malicious user to pass unchecked data into sprintf.
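An added example, not part of the VuXML entry or the quoted Perl announcement: a heuristic Python audit that flags Perl sprintf calls whose format argument is not a constant literal, which is how unchecked data reaches sprintf in the case described above. The sample Perl source and every function name here are constructed for illustration.

```python
import re

CALL = re.compile(r'\bsprintf\b\s*\(?\s*')      # call site, parentheses optional in Perl
SQ = re.compile(r"'(?:\\.|[^'\\])*'")           # single-quoted string: never interpolates
DQ = re.compile(r'"((?:\\.|[^"\\])*)"')         # double-quoted string: may interpolate
INTERP = re.compile(r'(?<!\\)[$@][\w{:]')       # unescaped $var / @var inside the string

def classify(rest):
    """Classify the first sprintf argument, given the text that follows 'sprintf('."""
    m = SQ.match(rest)
    kind = "literal" if m else None
    if m is None:
        m = DQ.match(rest)
        if m:
            kind = "interpolated" if INTERP.search(m.group(1)) else "literal"
    if m is None:
        # Not a string literal at all: a variable, or some other expression.
        return "variable" if rest[:1] in ("$", "@") else "unknown"
    if kind == "literal" and rest[m.end():].lstrip().startswith("."):
        return "concatenated"                    # literal . $something builds the format
    return kind

def find_risky_sprintf(source):
    """Return (line number, kind) for each sprintf whose format is not a plain literal."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), 1):
        if line.lstrip().startswith("#"):        # skip whole-line comments
            continue
        for call in CALL.finditer(line):
            kind = classify(line[call.end():])
            if kind != "literal":                # "unknown" is reported for manual review
                findings.append((lineno, kind))
    return findings

# Constructed Perl source for the demonstration (not taken from Webmin or Perl).
SAMPLE = r"""my $a = sprintf('%-20s %5d', $name, $count);
my $b = sprintf($template, $name);
my $c = sprintf("Login failed for $user from %s", $host);
my $d = sprintf("%s: " . $msg, $prefix);
# sprintf($commented_out);
my $e = sprintf("cost: \$%d", $n);
"""

if __name__ == "__main__":
    for lineno, kind in find_risky_sprintf(SAMPLE):
        print(f"line {lineno}: format argument is {kind}")
```

Each finding is a candidate for rewriting with a constant format such as sprintf('%s', $value); the line-based regex is a triage aid and does not replace upgrading to the fixed package versions listed above.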

References

Bugtraq ID 15629
CVE Name CVE-2005-3912
CVE Name CVE-2005-3962
URL http://dev.perl.org/perl5/news/2005/perl_patches_fix_sprintf_buffer.html
URL http://www.dyadsecurity.com/perl-0002.html
URL http://www.dyadsecurity.com/webmin-0001.html
URL http://www.webmin.com/security.html