CVE-2005-3042 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2005-3042 Interim 1 4 2023-12-09T02:21:01Z current 2021-05-30T12:33:35Z 2023-12-09T02:21:01Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2005-3042 miniserv.pl in Webmin before 1.230 and Usermin before 1.160, when "full PAM conversations" is enabled, allows remote attackers to bypass authentication by spoofing session IDs via certain metacharacters (line feed or carriage return). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XPBG4FXG5CRDFZWGXCTBE6VYIG2U7XOG/#XPBG4FXG5CRDFZWGXCTBE6VYIG2U7XOG E-Mail link for SUSE-SR:2005:024 https://www.suse.com/support/security/rating/ SUSE Security Ratings miniserv.pl in Webmin before 1.230 and Usermin before 1.160, when "full PAM conversations" is enabled, allows remote attackers to bypass authentication by spoofing session IDs via certain metacharacters (line feed or carriage return). CVE-2005-3042 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P