← Back

CVE-2004-0559

nvd nist
Published: Oct 20, 2004Modified: Apr 16, 2026

JSON object

Loading...
2.1
Vector
AV:L/AC:L/Au:N/C:N/I:P/A:N
Exploitability: 3.9 / Impact: 2.9
Source: NVD

Description

The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink attack on the /tmp/.usermin directory.

Affected (28)

Usermin
1 product
Usermin
Webmin
1 product
Webmin
Mandrakesoft
2 products
Mandrake Linux
Mandrake Linux Corporate Server
Configuration A
22 vulnerable
Vulnerable SoftwareAffected Versions
Usermin
Usermin
Version 1.000
Usermin
Version 1.010
Usermin
Version 1.020
Usermin
Version 1.030
Usermin
Version 1.040
Usermin
Version 1.051
Usermin
Version 1.060
Usermin
Version 1.070
Usermin
Version 1.080
Webmin
Webmin
Version 1.0.00
Webmin
Version 1.0.20
Webmin
Version 1.0.50
Webmin
Version 1.0.60
Webmin
Version 1.0.70
Webmin
Version 1.0.80
Webmin
Version 1.0.90
Webmin
Version 1.1.00
Webmin
Version 1.1.10
Webmin
Version 1.1.21
Webmin
Version 1.1.30
Webmin
Version 1.1.40
Webmin
Version 1.1.50
Configuration B
6 vulnerable
Vulnerable SoftwareAffected Versions
Mandrakesoft
Mandrake Linux
Version 10.0
Mandrake Linux
Version 10.0
Mandrake Linux
Version 9.2
Mandrake Linux
Version 9.2
Mandrakesoft
Mandrake Linux Corporate Server
Version 2.1
Mandrake Linux Corporate Server
Version 2.1

References (10)

Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.