32 matches found
EUVD-2009-1624
Malware in sbrugna...
CVE-2024-36451
Improper handling of insufficient permissions or privileges vulnerability exists in ajaxterm module of Webmin prior to 2.003. If this vulnerability is exploited, a console session may be hijacked by an unauthorized user. As a result, data within a system may be referred, a webpage may be altered,...
CVE-2024-36452
Cross-site request forgery vulnerability exists in ajaxterm module of Webmin versions prior to 2.003. If this vulnerability is exploited, unintended operations may be performed when a user views a malicious page while logged in. As a result, data within a system may be referred, a webpage may be...
CVE-2024-36451
Improper handling of insufficient permissions or privileges vulnerability exists in ajaxterm module of Webmin prior to 2.003. If this vulnerability is exploited, a console session may be hijacked by an unauthorized user. As a result, data within a system may be referred, a webpage may be altered,...
CVE-2024-36451
Improper handling of insufficient permissions or privileges vulnerability exists in ajaxterm module of Webmin prior to 2.003. If this vulnerability is exploited, a console session may be hijacked by an unauthorized user. As a result, data within a system may be referred, a webpage may be altered,...
CVE-2024-36452
Cross-site request forgery vulnerability exists in ajaxterm module of Webmin versions prior to 2.003. If this vulnerability is exploited, unintended operations may be performed when a user views a malicious page while logged in. As a result, data within a system may be referred, a webpage may be...
CVE-2024-36452
Cross-site request forgery vulnerability exists in ajaxterm module of Webmin versions prior to 2.003. If this vulnerability is exploited, unintended operations may be performed when a user views a malicious page while logged in. As a result, data within a system may be referred, a webpage may be...
CVE-2024-36452
Cross-site request forgery vulnerability exists in ajaxterm module of Webmin versions prior to 2.003. If this vulnerability is exploited, unintended operations may be performed when a user views a malicious page while logged in. As a result, data within a system may be referred, a webpage may be...
CVE-2024-36452
CVE-2024-36452 concerns Webmin’s ajaxterm module (Webmin prior to 2.003). The vulnerability is a cross-site request forgery (CSRF) that allows an attacker, by luring a logged‑in user to view a crafted page, to cause unintended operations. Documented impacts include potential data exposure, altera...
CVE-2024-36451
CVE-2024-36451 affects the Webmin ajaxterm module. Multiple sources (NVD, Red Hat, OSV, JVN) describe an improper handling of insufficient permissions or privileges that could allow an unauthorized user to hijack a console session, potentially exposing data, altering webpages, or causing a server...
CVE-2024-36451
Improper handling of insufficient permissions or privileges vulnerability exists in ajaxterm module of Webmin prior to 2.003. If this vulnerability is exploited, a console session may be hijacked by an unauthorized user. As a result, data within a system may be referred, a webpage may be altered,...
CVE-2024-36451
Improper handling of insufficient permissions or privileges vulnerability exists in ajaxterm module of Webmin prior to 2.003. If this vulnerability is exploited, a console session may be hijacked by an unauthorized user. As a result, data within a system may be referred, a webpage may be altered,...
PT-2024-4729 · Webmin +1 · Webmin +1
Name of the Vulnerable Software and Affected Versions: Webmin versions prior to 2.003 Description: The issue is related to improper handling of insufficient permissions or privileges in the ajaxterm module of Webmin. This could allow an unauthorized user to hijack a console session, potentially...
Webmin Security Vulnerabilities
Webmin is a set of Web-based system administration tools for use in Unix-like operating systems from the Webmin community. A security vulnerability exists in Webmin versions prior to 2.003, which stems from insufficient or improperly handled permissions in the ajaxterm module...
Webmin Security Vulnerabilities
Webmin is a set of Web-based system administration tools for use in Unix-like operating systems from the Webmin community. A security vulnerability exists in Webmin versions prior to 2.003, which stems from a cross-site request forgery vulnerability in the ajaxterm module...
PT-2024-5735 · Webmin +1 · Webmin +1
Name of the Vulnerable Software and Affected Versions: Webmin versions prior to 2.003 Description: A cross-site request forgery vulnerability exists in the ajaxterm module. If exploited, unintended operations may be performed when a user views a malicious page while logged in, potentially allowin...
Fedora Update for Ajaxterm FEDORA-2010-18867
Check for the Version of Ajaxterm OpenVAS Vulnerability Test Fedora Update for Ajaxterm FEDORA-2010-18867 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for Ajaxterm FEDORA-2010-18867
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 13 : Ajaxterm-0.10-13.fc13 (2010-18867)
Include several fixes from Debian Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 ...
Debian DSA-1994-1 : ajaxterm - weak session IDs
It was discovered that Ajaxterm, a web-based terminal, generates weak and predictable session IDs, which might be used to hijack a session or cause a denial of service attack on a system that uses Ajaxterm. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package chec...