Lucene search

K
cve[email protected]CVE-2005-0427
HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0427

2005-05-0204:00:00
web.nvd.nist.gov
20
webmin
gentoo linux
cve-2005-0427
encrypted password
security vulnerability

6.7 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.004 Low

EPSS

Percentile

74.0%

The ebuild of Webmin before 1.170-r3 on Gentoo Linux includes the encrypted root password in the miniserv.users file when building a tbz2 of the webmin package, which allows remote attackers to obtain and possibly crack the encrypted password.

Affected configurations

NVD
Node
gentoowebminMatch1.140
OR
gentoowebminMatch1.150
OR
gentoowebminMatch1.160
OR
gentoowebminMatch1.170r1
OR
gentoowebminMatch1.170r2

6.7 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.004 Low

EPSS

Percentile

74.0%