CyberSec.Space Logo
CVEブラウザに戻る

CVE-2002-0757

HIGH
7.5
CVSS Severity Score
EPSS Score0.0730%
EPSS Percentile2.70th
Published2002年8月12日
Last Modified2026年4月16日

Vulnerability Description

(1) Webmin 0.96 and (2) Usermin 0.90 with password timeouts enabled allow local and possibly remote attackers to bypass authentication and gain privileges via certain control characters in the authentication information, which can force Webmin or Usermin to accept arbitrary username/session ID combinations.

Affected Platforms (CPE)

📦
Usermin

Usermin

= 0.7
📦
Usermin

Usermin

= 0.8
📦
Usermin

Usermin

= 0.9
📦
Webmin

Webmin

= 0.91
📦
Webmin

Webmin

= 0.92
📦
Webmin

Webmin

= 0.92.1
📦
Webmin

Webmin

= 0.93
📦
Webmin

Webmin

= 0.94
📦
Webmin

Webmin

= 0.95
📦
Webmin

Webmin

= 0.96

References & Advisories

🔗 http://online.securityfocus.com/archive/1/271466
🔗 http://www.iss.net/security_center/static/9037.php
🔗 http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-033.php
🔗 http://www.securityfocus.com/bid/4700
🔗 http://online.securityfocus.com/archive/1/271466
🔗 http://www.iss.net/security_center/static/9037.php
🔗 http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-033.php
🔗 http://www.securityfocus.com/bid/4700

関連する脆弱性情報

CVE-2005-117710.0

Unknown vulnerability in (1) Webmin and (2) Usermin before 1.200 causes Webmin to change permissions and ownership of configuratio...

CVE-2003-010110.0

miniserv.pl in (1) Webmin before 1.070 and (2) Usermin before 1.000 does not properly handle metacharacters such as line feeds and...

CVE-2015-20799.9

Usermin 0.980 through 1.x before 1.660 allows uconfig_save.cgi sig_file_free remote code execution because it uses the two argumen...

CVE-2002-07567.5

Cross-site scripting vulnerability in the authentication page for (1) Webmin 0.96 and (2) Usermin 0.90 allows remote attackers to ...