Page 18 of 104 results (0.003 seconds)

CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0

CVE-2005-3042

https://notcve.org/view.php?id=CVE-2005-3042

miniserv.pl in Webmin before 1.230 and Usermin before 1.160, when "full PAM conversations" is enabled, allows remote attackers to bypass authentication by spoofing session IDs via certain metacharacters (line feed or carriage return). • http://archives.neohapsis.com/archives/bugtraq/2005-09/0257.html http://jvn.jp/jp/JVN%2340940493/index.html http://secunia.com/advisories/16858 http://secunia.com/advisories/17282 http://securityreason.com/securityalert/17 http://www.gentoo.org/security/en/glsa/glsa-200509-17.xml http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/83_e.html http://www.mandriva.com/security/advisories?name=MDKSA-2005:176 http://www.novell.com/linux/security/advisories/2005_24_sr. •

CVSS: 10.0EPSS: 0%CPEs: 60EXPL: 0

CVE-2005-1177

https://notcve.org/view.php?id=CVE-2005-1177

Unknown vulnerability in (1) Webmin and (2) Usermin before 1.200 causes Webmin to change permissions and ownership of configuration files, with unknown impact. • http://securitytracker.com/id?1013723 http://www.webmin.com/changes.html http://www.webmin.com/uchanges.html https://exchange.xforce.ibmcloud.com/vulnerabilities/20607 •

CVSS: 7.5EPSS: 1%CPEs: 22EXPL: 1

CVE-2004-1468

https://notcve.org/view.php?id=CVE-2004-1468

The web mail functionality in Usermin 1.x and Webmin 1.x allows remote attackers to execute arbitrary commands via shell metacharacters in an e-mail message. • http://secunia.com/advisories/12488 http://www.gentoo.org/security/en/glsa/glsa-200409-15.xml http://www.lac.co.jp/security/csl/intelligence/SNSadvisory_e/77_e.html http://www.securityfocus.com/bid/11122 https://exchange.xforce.ibmcloud.com/vulnerabilities/17293 •

CVSS: 2.1EPSS: 0%CPEs: 28EXPL: 0

CVE-2004-0559

https://notcve.org/view.php?id=CVE-2004-0559

The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink attack on the /tmp/.usermin directory. El script maketemp.pl en Usermin 1.070 y 1.080 permite a usuarios locales sobreescribir ficheros de su elección durante la instalación mediante un ataque de enlaces simbólicos en el directorio /tmp/.usermin • http://secunia.com/advisories/12488 http://www.gentoo.org/security/en/glsa/glsa-200409-15.xml http://www.securityfocus.com/bid/11153 http://www.webmin.com/uchanges-1.089.html https://exchange.xforce.ibmcloud.com/vulnerabilities/17299 •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2004-0582

https://notcve.org/view.php?id=CVE-2004-0582

Unknown vulnerability in Webmin 1.140 allows remote attackers to bypass access control rules and gain read access to configuration information for a module. Vulnerabilidad desconocidad en Webmin 1.140 permite a atacantes remotos saltarse reglas de control de acceso y conseguir acceso de lectura a información de configuración de un módulo. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000848 http://marc.info/?l=bugtraq&m=108697184602191&w=2 http://www.debian.org/security/2004/dsa-526 http://www.gentoo.org/security/en/glsa/glsa-200406-12.xml http://www.lac.co.jp/security/csl/intelligence/SNSadvisory_e/74_e.html http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:074 http://www.securityfocus.com/bid/10474 http://www.securityfocus.com/bid/10522 http://www.webmin.com •