CVE-2002-1673
Last modified
CVE-2002-1673 is a vulnerability of currently unknown severity. The web interface for Webmin 0.92 does not properly quote or filter script code in files that are displayed to the interface, which allows local users to execute script and possibly steal cookies by inserting the script into certain files or fields, such as a real user name entry in the passwd file.. EPSS estimates a 0.79% chance of exploitation in the next 30 days.
Description
The web interface for Webmin 0.92 does not properly quote or filter script code in files that are displayed to the interface, which allows local users to execute script and possibly steal cookies by inserting the script into certain files or fields, such as a real user name entry in the passwd file.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Webmin | Webmin | 0.1 |
| Webmin | Webmin | 0.2 |
| Webmin | Webmin | 0.3 |
| Webmin | Webmin | 0.4 |
| Webmin | Webmin | 0.5 |
| Webmin | Webmin | 0.6 |
| Webmin | Webmin | 0.7 |
| Webmin | Webmin | 0.21 |
| Webmin | Webmin | 0.22 |
| Webmin | Webmin | 0.31 |
| Webmin | Webmin | 0.41 |
| Webmin | Webmin | 0.42 |
| Webmin | Webmin | 0.51 |
| Webmin | Webmin | 0.76 |
| Webmin | Webmin | 0.77 |
| Webmin | Webmin | 0.78 |
| Webmin | Webmin | 0.79 |
| Webmin | Webmin | 0.80 |
| Webmin | Webmin | 0.83 |
| Webmin | Webmin | 0.84 |
| Webmin | Webmin | 0.85 |
| Webmin | Webmin | 0.88 |
| Webmin | Webmin | 0.91 |
| Webmin | Webmin | 0.92 |
| Webmin | Webmin | 0.92.1 |
References
- http://www.securityfocus.com/bid/4329Exploit, Patch
- http://www.securityfocus.com/bid/4329Exploit, Patch
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2002-1673?
How severe is CVE-2002-1673?
How do I fix CVE-2002-1673?
Are you affected by CVE-2002-1673?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST