Published: 31/12/2002 Updated: 11/07/2017

CVSS v2 Base Score: 3.6 | Impact Score: 4.9 | Exploitability Score: 3.9

VMScore: 365

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:N

The web interface for Webmin 0.92 does not properly quote or filter script code in files that are displayed to the interface, which allows local users to execute script and possibly steal cookies by inserting the script into certain files or fields, such as a real user name entry in the passwd file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
webmin webmin 0.1
webmin webmin 0.41
webmin webmin 0.42
webmin webmin 0.78
webmin webmin 0.79
webmin webmin 0.80
webmin webmin 0.92.1
webmin webmin 0.22
webmin webmin 0.3
webmin webmin 0.6
webmin webmin 0.7
webmin webmin 0.85
webmin webmin 0.88
webmin webmin 0.31
webmin webmin 0.4
webmin webmin 0.76
webmin webmin 0.77
webmin webmin 0.91
webmin webmin 0.92
webmin webmin 0.2
webmin webmin 0.21
webmin webmin 0.5
webmin webmin 0.51
webmin webmin 0.83
webmin webmin 0.84

source: wwwsecurityfocuscom/bid/4329/info Webmin is a web-based interface for system administration of Unix and Linux operating systems Webmin does not filter script code from output that may be displayed by the web interface, such as log files, etc This may enable a local attacker, with write privileges to such files, to cause arbitra ...

NVD-CWE-Other http://online.securityfocus.com/archive/1/263181 http://www.securityfocus.com/bid/4329 https://exchange.xforce.ibmcloud.com/vulnerabilities/8596 https://nvd.nist.gov https://www.exploit-db.com/exploits/21348/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2002-1673

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect