CVE-2001-1074

2001-05-28T04:00:00
ID CVE-2001-1074
Type cve
Reporter cve@mitre.org
Modified 2017-10-10T01:29:00

Description

Webmin 0.84 and earlier does not properly clear the HTTP_AUTHORIZATION environment variable when the web server is restarted, which makes authentication information available to all CGI programs and allows local users to gain privileges.