Vulnerabilities > CVE-2005-1177 - Denial-Of-Service vulnerability in Usermin

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

usermin

webmin

critical

nessus

NVD

Published: 2005-05-02

Updated: 2017-07-11

Summary

Unknown vulnerability in (1) Webmin and (2) Usermin before 1.200 causes Webmin to change permissions and ownership of configuration files, with unknown impact.

Vulnerable Configurations

Part	Description	Count
Application	Usermin Usermin Usermin 0.4 Usermin Usermin 0.5 Usermin Usermin 0.6 Usermin Usermin 0.7 Usermin Usermin 0.8 Usermin Usermin 0.9 Usermin Usermin 0.91 Usermin Usermin 0.92 Usermin Usermin 0.93 Usermin Usermin 0.94 Usermin Usermin 0.95 Usermin Usermin 0.96 Usermin Usermin 0.97 Usermin Usermin 0.98 Usermin Usermin 0.99 Usermin Usermin 1.000 Usermin Usermin 1.010 Usermin Usermin 1.020 Usermin Usermin 1.030 Usermin Usermin 1.040 Usermin Usermin 1.051 Usermin Usermin 1.060 Usermin Usermin 1.070 Usermin Usermin 1.080 Usermin Usermin 1.090 Usermin Usermin 1.100 Usermin Usermin 1.110 Usermin Usermin 1.120 Usermin Usermin 1.130 Usermin Usermin 1.140	30
Application	Webmin Webmin Webmin 0.4 Webmin Webmin 0.5 Webmin Webmin 0.6 Webmin Webmin 0.7 Webmin Webmin 0.80 Webmin Webmin 0.90 Webmin Webmin 0.91 Webmin Webmin 0.92 Webmin Webmin 0.93 Webmin Webmin 0.94 Webmin Webmin 0.95 Webmin Webmin 0.96 Webmin Webmin 0.97 Webmin Webmin 0.98 Webmin Webmin 0.99 Webmin Webmin 1.0.00 Webmin Webmin 1.0.10 Webmin Webmin 1.0.20 Webmin Webmin 1.0.30 Webmin Webmin 1.0.40 Webmin Webmin 1.0.51 Webmin Webmin 1.0.60 Webmin Webmin 1.0.70 Webmin Webmin 1.0.80 Webmin Webmin 1.0.90 Webmin Webmin 1.1.00 Webmin Webmin 1.1.10 Webmin Webmin 1.1.20 Webmin Webmin 1.1.30 Webmin Webmin 1.1.40	30

Nessus

NASL family	CGI abuses
NASL id	WEBMIN_1_200.NASL
description	According to its self-reported version, the Webmin install hosted on the remote host is prior to 1.200. It is, therefore, affected by an issue which may allow a remote attacker to access and alter certain configuration files, which could lead to privilege escalation or other attacks.
last seen	2020-06-01
modified	2020-06-02
plugin id	108547
published	2018-03-22
reporter	This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/108547
title	Webmin < 1.200 Unauthorized Configuration File Access

Summary

Vulnerable Configurations

Nessus

References