VYPR

Webmin

by Webmin

Source repositories

CVEs (103)

  • CVE-2001-1074May 28, 2001
    risk 0.00cvss epss 0.01

    Webmin 0.84 and earlier does not properly clear the HTTP_AUTHORIZATION environment variable when the web server is restarted, which makes authentication information available to all CGI programs and allows local users to gain privileges.

  • CVE-2001-0222Mar 26, 2001
    risk 0.00cvss epss 0.00

    webmin 0.84 and earlier allows local users to overwrite and create arbitrary files via a symlink attack.

  • CVE-1999-1074Dec 31, 1999
    risk 0.00cvss epss 0.02

    Webmin before 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote attackers to gain privileges via brute force password cracking.

Page 6 of 6