[Am-info] Webmin/Usermin CSS vulnerability

[Fred A. Miller]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Webmin/Usermin CSS vulnerability

Webmin prior to version 0.970 and Usermin prior to version 0.90
were found vulnerable to cross-site scripting in the handling of
unauthenticated requests for pages.

These vulnerabilities are confirmed. Webmin version 0.970 and Usermin
0.90 contain the fixes.

Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-05/0040.html

- --

Fred A. Miller
Systems Administrator
Cornell Univ. Press Services
fm@cupserv.org, www.cupserv.org
- --- SuSE Linux v8.0 Pro---
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAjzlXuAACgkQB9vk4ichYXfrxQCeKcVLFS8nUwDXcUJTVNW3dPc8
ZBQAnipGdBFpSiQvdxfZQJzkx015pqDv
=TaFv
-----END PGP SIGNATURE-----