CVE-2002-1672: CVE-2002-1672

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2002-1672

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Webmin 0.92, when installed from an RPM, creates /var/webmin with insecure permissions (world readable), which could allow local users to read the root user's cookie-based authentication credentials and possibly hijack the root user's session using the credentials.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Webmin不安全目录权限漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Webmin是一宽基于WEB接口的Unix和Linux操作系统系统管理程序。 Webmin在从RPM安装时存在问题，建立全局可读的/var/webmin目录，可导致敏感信息被泄露。 Webmin在RPM安装后建立的/var/webmin目录全局可读，如果命令日志功能激活的情况下，就可能造成本地攻击者读取root用户基于COOKIE的认证信息，使用这些认证信息就可以劫持ROOT用户的Webmin会话并控制整个系统。目录/etc/webmin/servers/也以全局可读属性设置，并且以明文方式存在相关认证

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2002-1672

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2002-1672

Please Login to view more intelligence information

http://www.webmin.com/changes.htmlx_refsource_CONFIRM
http://www.securityfocus.com/bid/4328vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/8595vdb-entryx_refsource_XF
http://online.securityfocus.com/archive/1/263181mailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2002-1672

New Vulnerabilities

Product: n/a

Vendor: n/a

V. Comments for CVE-2002-1672

No comments yet

Support Us — Your donation helps us keep running

I. Basic Information for CVE-2002-1672

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2002-1672

III. Intelligence Information for CVE-2002-1672

New Vulnerabilities

V. Comments for CVE-2002-1672

Leave a comment