---------------------------------------------------------------------- Want to work within IT-Security? Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit. Currently the following type of positions are available: http://secunia.com/quality_assurance_analyst/ http://secunia.com/web_application_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/ ---------------------------------------------------------------------- TITLE: Mandriva update for webmin SECUNIA ADVISORY ID: SA22114 VERIFY ADVISORY: http://secunia.com/advisories/22114/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, Exposure of sensitive information WHERE: >From remote OPERATING SYSTEM: Mandriva Linux 2007 http://secunia.com/product/12165/ DESCRIPTION: Mandriva has issued an update for webmin. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose potentially sensitive information. For more information: SA21690 SOLUTION: Apply updated packages. Mandriva Linux 2007 e47e91c741de0fa6fabb1653784c0400 2007.0/i586/webmin-1.290-4.1mdv2007.0.noarch.rpm 5796c775e71e3aef04bd6fd356ea049e 2007.0/SRPMS/webmin-1.290-4.1mdv2007.0.src.rpm Mandriva Linux 2007/X86_64 e6042ec6b4e74f560e9a05f8b05fafd5 2007.0/x86_64/webmin-1.290-4.1mdv2007.0.noarch.rpm 5796c775e71e3aef04bd6fd356ea049e 2007.0/SRPMS/webmin-1.290-4.1mdv2007.0.src.rpm ORIGINAL ADVISORY: http://www.mandriva.com/security/advisories?name=MDKSA-2006:170-1 OTHER REFERENCES: SA21690: http://secunia.com/advisories/21690/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------