| Vulnerability Name: | CVE-2002-2360 (CCN-9983) | ||||||||
| Assigned: | 2002-08-27 | ||||||||
| Published: | 2002-08-27 | ||||||||
| Updated: | 2008-09-05 | ||||||||
| Summary: | The RPC module in Webmin 0.21 through 0.99, when installed without root or admin privileges, allows remote attackers to read and write to arbitrary files and execute arbitrary commands via remote_foreign_require and remote_foreign_call requests. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
| ||||||||
| Vulnerability Type: | CWE-264 | ||||||||
| Vulnerability Consequences: | Bypass Security | ||||||||
| References: | Source: MITRE Type: CNA CVE-2002-2360 Source: BUGTRAQ Type: UNKNOWN 20020828 Webmin Vulnerability Leads to Remote Compromise (RPC CGI) Source: XF Type: UNKNOWN webmin-cgi-improper-permissions(9983) Source: CCN Type: OSVDB ID: 60228 Webmin RPC Module remote_foreign_* Request Remote File Manipulation Source: CCN Type: SecuriTeam Mailing List, UNIX focus 27 Aug 2002 Webmin Vulnerability Leads to Remote Compromise (RPC CGI) Source: MISC Type: UNKNOWN http://www.securiteam.com/unixfocus/5CP0R1P80G.html Source: BID Type: Exploit 5591 Source: CCN Type: BID-5591 Webmin RPC Function Privilege Escalation Vulnerability Source: CCN Type: Webmin Web site Webmin Source: XF Type: UNKNOWN webmin-cgi-improper-permissions(9983) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||