Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-1999-1074

Webmin before 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote attackers to gain privileges via brute force password cracking.

  • Published: Dec 31, 1999
  • Updated: Apr 13, 2023
  • CVE: CVE-1999-1074
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
webmin / webmin 0.22 0.22.x
webmin / webmin 0.4 0.4.x
webmin / webmin 0.31 0.31.x
webmin / webmin 0.42 0.42.x
webmin / webmin 0.21 0.21.x
webmin / webmin 0.2 0.2.x
webmin / webmin 0.41 0.41.x
webmin / webmin 0.3 0.3.x
webmin / webmin 0.1 0.1.x