Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2002-1672

Webmin 0.92, when installed from an RPM, creates /var/webmin with insecure permissions (world readable), which could allow local users to read the root user's cookie-based authentication credentials and possibly hijack the root user's session using the credentials.

  • Published: Dec 31, 2002
  • Updated: Apr 13, 2023
  • CVE: CVE-2002-1672
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 2.1
  • AV:L/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Software From Fixed in
webmin / webmin 0.92 0.92.x
webmin / webmin 0.92.1 0.92.1.x