Remote Code Execution Vulnerability in Webmin on Gentoo Linux
CVE-2005-0427

Currently unrated

Key Information:

Vendor: Gentoo
Status: Webmin
Vendor: CVE Published:; 2 May 2005

What is CVE-2005-0427?

The Webmin ebuild prior to version 1.170-r3 on Gentoo Linux has a serious security issue where it includes the encrypted root password in the miniserv.users file. This flaw allows remote attackers to access and potentially crack the encrypted password, putting systems at risk of unauthorized access. Users of this version should consider upgrading immediately to protect against possible exploits.

References

http://bugs.gentoo.org/show_bug.cgi?id=77731

x_refsource_MISC

http://www.gentoo.org/security/en/glsa/glsa-200502-12.xml

vendor-advisoryx_refsource_GENTOO

https://exchange.xforce.ibmcloud.com/vulnerabilities/19315

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 2, 2005
Vulnerability Reserved
Feb 15, 2005