Lucene search
K

1357 matches found

Cvelist
Cvelist
added 2002/03/15 5:0 a.m.25 views

CVE-2001-1196

Directory traversal vulnerability in editaction.cgi of Webmin Directory 0.91 allows attackers to gain privileges via a '..' dot dot in the argument...

6.6AI score0.09778EPSS
Exploits1References4
CVE
CVE
added 2002/03/15 5:0 a.m.66 views

CVE-2001-1196

CVE-2001-1196 concerns Webmin 0.91, where a directory traversal flaw in edit_action.cgi could allow privilege escalation via a .. argument. The vulnerability is documented with a high-severity score (CVSS v2: HIGH, base 10.0) and is referenced by multiple sources. A remediation available in the c...

10CVSS6.7AI score0.09778EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2002/03/09 5:0 a.m.71 views

CVE-1999-1074

Webmin before 0.5 is affected: it does not restrict the number of invalid password attempts for a valid username, enabling remote attackers to attempt brute‑force password cracking and potentially gain privileges. The issue is described across CVE-1999-1074 records (CVE/NVD/CVELIST) and corrobora...

7.5CVSS7.1AI score0.01571EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2002/03/09 5:0 a.m.21 views

CVE-1999-1074

Webmin before 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote attackers to gain privileges via brute force password cracking...

7.1AI score0.01571EPSS
Exploits0References3
NVD
NVD
added 2001/12/31 5:0 a.m.19 views

CVE-2001-1530

run.cgi in Webmin 0.80 and 0.88 creates temporary files with world-writable permissions, which allows local users to execute arbitrary commands...

4.6CVSS7AI score0.004EPSS
Exploits0References2
NVD
NVD
added 2001/12/17 5:0 a.m.25 views

CVE-2001-1196

Directory traversal vulnerability in editaction.cgi of Webmin Directory 0.91 allows attackers to gain privileges via a '..' dot dot in the argument...

10CVSS6.7AI score0.09778EPSS
Exploits1References4
exploitpack
exploitpack
added 2001/12/17 12:0 a.m.24 views

webmin 0.91 - Directory Traversal

webmin 0.91 - Directory Traversal source: https://www.securityfocus.com/bid/3698/info Webmin is a web-based interface for system administration for Unix. Using any browser that supports tables and forms, you can setup user accounts, Apache, DNS, file sharing and so on. Webmin will run on most Uni...

Exploits0
Exploit DB
Exploit DB
added 2001/12/17 12:0 a.m.38 views

webmin 0.91 - Directory Traversal

source: https://www.securityfocus.com/bid/3698/info Webmin is a web-based interface for system administration for Unix. Using any browser that supports tables and forms, you can setup user accounts, Apache, DNS, file sharing and so on. Webmin will run on most Unix variants, providing it has been...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2001/09/14 12:0 a.m.80 views

Webmin Detection

The remote web server is running Webmin, a web-based interface for system administration for Unix. This script was written by Georges Dagousset See the Nessus Scripts License for details Changes by Tenable: - Revised plugin title, changed family 4/13/2009 - Added CPE, updated version check, updat...

5.5AI score
Exploits0References1
securityvulns
securityvulns
added 2001/05/29 12:0 a.m.44 views

Webmin Doesn't Clean Env (root exploit)

Not sure if this is known, however I know I've seen quite a few people still using webmin 0.84. Webmin doesn't seem to clean the env properly when starting apache probably in other cases as well It leaves the var HTTPAUTHORIZATION set. All you need to do is run it though a mime 64 decode and you...

Exploits0
NVD
NVD
added 2001/05/28 4:0 a.m.16 views

CVE-2001-1074

Webmin 0.84 and earlier does not properly clear the HTTPAUTHORIZATION environment variable when the web server is restarted, which makes authentication information available to all CGI programs and allows local users to gain privileges...

7.2CVSS6.5AI score0.00514EPSS
Exploits1References5
CVE
CVE
added 2001/05/07 4:0 a.m.57 views

CVE-2001-0222

CVE-2001-0222 affects Webmin 0.84 and earlier. The vulnerability is a local, file-overwrite via a symlink attack, enabling local users to create or overwrite arbitrary files on the system. The available sources (NVD/CVE listing and Nessus plugin linking CVE-2001-0222 with Webmin 0.85+ family) con...

1.2CVSS6.4AI score0.00339EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2001/05/07 4:0 a.m.23 views

CVE-2001-0222

webmin 0.84 and earlier allows local users to overwrite and create arbitrary files via a symlink attack...

6.4AI score0.00339EPSS
Exploits0References3
NVD
NVD
added 2001/03/26 5:0 a.m.20 views

CVE-2001-0222

webmin 0.84 and earlier allows local users to overwrite and create arbitrary files via a symlink attack...

1.2CVSS6.4AI score0.00339EPSS
Exploits0References3
securityvulns
securityvulns
added 2001/01/23 12:0 a.m.34 views

Security Update: security problems in webmin CSSA-2001-004.0

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Caldera Systems, Inc. Security Advisory Subject: security problems in webmin Advisory number: CSSA-2001-004.0 Issue date: 2001 January, 17 Cross reference: 1. Problem Description On several occasions, webmin creates temporary files insecurely. This ca...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2001/01/23 12:0 a.m.55 views

Дырка в WebMIN

небезопасное создание временных файлов...

0.4AI score
Exploits0References1Affected Software1
NVD
NVD
added 1999/12/31 5:0 a.m.17 views

CVE-1999-1074

Webmin before 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote attackers to gain privileges via brute force password cracking...

7.5CVSS7.1AI score0.01571EPSS
Exploits0References3
Rows per page
Query Builder