Lucene search

MitreCVE-2001-1530

HistoryJul 14, 2005 - 4:00 a.m.

CVE-2001-1530

2005-07-1404:00:00

mitre

web.nvd.nist.gov

webmin 0.80

webmin 0.88

run.cgi

temporary files

permissions

command execution.

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

High

EPSS

Percentile

5.2%

JSON

run.cgi in Webmin 0.80 and 0.88 creates temporary files with world-writable permissions, which allows local users to execute arbitrary commands.

Affected configurations

Nvd

Node

webminwebminMatch0.80

webminwebminMatch0.88

VendorProductVersionCPE
webminwebmin0.80cpe:2.3:a:webmin:webmin:0.80:*:*:*:*:*:*:*
webminwebmin0.88cpe:2.3:a:webmin:webmin:0.88:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
webmin	webmin	0.80	cpe:2.3:a:webmin:webmin:0.80:::::::*
webmin	webmin	0.88	cpe:2.3:a:webmin:webmin:0.88:::::::*

References

archives.neohapsis.com/archives/vulnwatch/2001-q4/0015.html

www.securiteam.com/unixfocus/6R00M0K2UC.html

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

High

EPSS

Percentile

5.2%

JSON

Related for CVE-2001-1530