Webmin
by Webmin
Source repositories
CVEs (103)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2001-1074 | 0.00 | — | 0.01 | May 28, 2001 | Webmin 0.84 and earlier does not properly clear the HTTP_AUTHORIZATION environment variable when the web server is restarted, which makes authentication information available to all CGI programs and allows local users to gain privileges. | |||
| CVE-2001-0222 | 0.00 | — | 0.00 | Mar 26, 2001 | webmin 0.84 and earlier allows local users to overwrite and create arbitrary files via a symlink attack. | |||
| CVE-1999-1074 | 0.00 | — | 0.02 | Dec 31, 1999 | Webmin before 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote attackers to gain privileges via brute force password cracking. |
- CVE-2001-1074May 28, 2001risk 0.00cvss —epss 0.01
Webmin 0.84 and earlier does not properly clear the HTTP_AUTHORIZATION environment variable when the web server is restarted, which makes authentication information available to all CGI programs and allows local users to gain privileges.
- CVE-2001-0222Mar 26, 2001risk 0.00cvss —epss 0.00
webmin 0.84 and earlier allows local users to overwrite and create arbitrary files via a symlink attack.
- CVE-1999-1074Dec 31, 1999risk 0.00cvss —epss 0.02
Webmin before 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote attackers to gain privileges via brute force password cracking.
Page 6 of 6