2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
0.0004 Low
EPSS
Percentile
5.2%
The Webmin developers documented a security issue in the
release notes for version 1.160:
Fixed a security hole in the maketemp.pl script, used
to create the /tmp/.webmin directory at install time. If
an un-trusted user creates this directory before Webmin
is installed, he could create in it a symbolic link
pointing to a critical file on the system, which would be
overwritten when Webmin writes to the link filename.