[VIM] Webmin traversal - changelog

security curmudgeon jericho at attrition.org
Fri Jun 30 16:39:52 EDT 2006


Version 1.290 (29 June 2006)
Fixed a security hole that would allow a remote attacker to view any file 
on the system.

Version 1.280 (16 June 2006)
Fixed a security hole that allows remote viewing of any file on the system 
when Webmin is run on a Windows server.


Multiple guess!

a) Not properly fixed the first time
b) Originally thought to be Windows only, then discovered works on Unix
c) Completely seperate issues/scripts

More information about the VIM mailing list