Usermin - Read Mail Module Hardlink Arbitrary File Access
« on: January 30, 2015, 10:23:01 AM »
Usermin is a web-based interface for webmail, password changing, mail filters, fetchmail and much more. It is designed for use by regular non-root users on a Unix system, and limits them to tasks that they would be able to perform if logged in via SSH or at the console.

Vulnerability Description:

It is possible for a malicious user to view any file on the server, including root-owned files, by creating a hardlink to it under the user-accessible mail directory; Usermin's Read Mail module then renders the linked file as if it were a message.
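The defensive counterpart of the issue above, as an added example that is not Usermin's code or its 1.640 fix: a mail renderer that audits a mail directory for entries it should never display, and opens a message file only after checking type, owner and link count on the already-open descriptor (the expected owner uid is assumed to be the mailbox user).

```python
import os
import stat
import tempfile


def audit_mail_dir(maildir, expected_uid):
    """Return (path, reason) pairs for files a mail renderer should refuse."""
    findings = []
    for root, _dirs, files in os.walk(maildir):
        for name in files:
            path = os.path.join(root, name)
            st = os.lstat(path)  # lstat: never follow a symlink here
            if not stat.S_ISREG(st.st_mode):
                findings.append((path, "not a regular file"))
            elif st.st_uid != expected_uid:
                findings.append((path, "owned by uid %d" % st.st_uid))
            elif st.st_nlink > 1:  # a hardlink to a file elsewhere shows up here
                findings.append((path, "hardlinked (%d links)" % st.st_nlink))
    return findings


def open_mail_file(path, expected_uid):
    """Open a mailbox file only after the owner/link-count checks pass on the fd."""
    fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)
    try:
        st = os.fstat(fd)  # fstat on the open fd avoids a check/use race
        if not stat.S_ISREG(st.st_mode) or st.st_uid != expected_uid or st.st_nlink > 1:
            raise PermissionError("refusing %s: owner/link-count check failed" % path)
    except BaseException:
        os.close(fd)
        raise
    return os.fdopen(fd, "rb")


def demo():
    """Constructed scenario: a clean message beside a hardlinked one."""
    uid = os.getuid()
    tmp = tempfile.mkdtemp()
    clean = os.path.join(tmp, "clean.eml")
    linked = os.path.join(tmp, "linked.eml")
    with open(clean, "w") as f:
        f.write("Subject: hello\n")
    with open(linked, "w") as f:
        f.write("not a message\n")
    os.link(linked, os.path.join(tmp, "alias.eml"))  # second name -> nlink == 2
    reasons = sorted(r for _p, r in audit_mail_dir(tmp, uid))
    with open_mail_file(clean, uid) as f:
        clean_ok = f.read().startswith(b"Subject:")
    try:
        open_mail_file(linked, uid)
        refused = False
    except PermissionError:
        refused = True
    return {"reasons": reasons, "clean_ok": clean_ok, "refused": refused}
```

On Linux kernels with the fs.protected_hardlinks sysctl set to 1, an unprivileged user cannot hardlink files they do not own, which blocks the link-creation step itself; the owner check above is what catches the case where the link already exists.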
Impact:

This vulnerability is rated HIGH because sensitive information can be obtained.

Vulnerable Version:

This vulnerability was tested against Usermin 1.630.

Fixed Version:
This vulnerability was patched in Usermin 1.640.