CVE-2006-4246
3.6
Vector
AV:L/AC:L/Au:N/C:P/I:N/A:P
Exploitability: 3.9 / Impact: 4.9
Source: NVD
Description
Usermin before 1.220 (20060629) allows remote attackers to read arbitrary files, possibly related to chfn/save.cgi not properly handling an empty shell parameter, which results in changing root's shell instead of the shell of a specified user.
Affected (32)
References (18)
Source: security@debian.org
Patch
Source: security@debian.org
Source: security@debian.org
Source: security@debian.org
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Timeline
No history available yet.