CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-1672

Webmin 0.92, when installed from an RPM, creates /var/webmin with insecure permissions (world readable), which could allow local users to read the root user's cookie-based authentication credentials and possibly hijack the root user's session using the credentials.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 17.7%

CVSS Severity

CVSS v2 Score 2.1

References

http://online.securityfocus.com/archive/1/263181
http://www.securityfocus.com/bid/4328
http://www.webmin.com/changes.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/8595
http://online.securityfocus.com/archive/1/263181
http://www.securityfocus.com/bid/4328
http://www.webmin.com/changes.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/8595

Products affected by CVE-2002-1672

Webmin » Webmin » Version: 0.92

cpe:2.3:a:webmin:webmin:0.92
Webmin » Webmin » Version: 0.92.1

cpe:2.3:a:webmin:webmin:0.92.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-1672

Products

Pricing

Contact Us