|
|
Webmin/Usermin Session ID Spoofing Unauthenticated Access Vulnerability
|
Bugtraq ID:
|
6915
|
|
Class:
|
Input Validation Error
|
|
CVE:
|
CVE-2003-0101
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Feb 20 2003 12:00AM
|
|
Updated:
|
Jul 11 2009 08:06PM
|
|
Credit:
|
The discovery of this vulnerability has been credited to Keigo Yamazaki and Cintia M. Imanishi.
|
|
Vulnerable:
|
Webmin Webmin 1.0 60
Webmin Webmin 1.0 50
Webmin Webmin 0.990
Webmin Webmin 0.970
Webmin Usermin 0.99
+
MandrakeSoft Linux Mandrake 9.0
Webmin Usermin 0.98
+
HP Apache-Based Web Server 2.0.43 .00
+
HP Apache-Based Web Server 1.3.27 .00
+
HP Webmin-Based Admin 1.0 .01
Webmin Usermin 0.97
+
MandrakeSoft Linux Mandrake 8.2 ppc
+
MandrakeSoft Linux Mandrake 8.2
+
MandrakeSoft Linux Mandrake 8.1 ia64
+
MandrakeSoft Linux Mandrake 8.1
+
MandrakeSoft Linux Mandrake 8.0 ppc
+
MandrakeSoft Linux Mandrake 8.0
+
MandrakeSoft Linux Mandrake 7.2
+
MandrakeSoft Single Network Firewall 7.2
Webmin Usermin 0.96
Webmin Usermin 0.95
Webmin Usermin 0.94
+
Debian Linux 3.0 sparc
+
Debian Linux 3.0 s/390
+
Debian Linux 3.0 ppc
+
Debian Linux 3.0 mipsel
+
Debian Linux 3.0 mips
+
Debian Linux 3.0 m68k
+
Debian Linux 3.0 ia-64
+
Debian Linux 3.0 ia-32
+
Debian Linux 3.0 hppa
+
Debian Linux 3.0 arm
+
Debian Linux 3.0 alpha
Webmin Usermin 0.93
Webmin Usermin 0.92
Webmin Usermin 0.91
Webmin Usermin 0.9
Webmin Usermin 0.8
Webmin Usermin 0.7
Webmin Usermin 0.6
Webmin Usermin 0.5
Webmin Usermin 0.4
SGI IRIX 6.5.19
SGI IRIX 6.5.18
SGI IRIX 6.5.17
SGI IRIX 6.5.16
SGI IRIX 6.5.15
SGI IRIX 6.5.14
SGI IRIX 6.5.13
SGI IRIX 6.5.12
SGI IRIX 6.5.11
SGI IRIX 6.5.10
SGI IRIX 6.5.9
SGI IRIX 6.5.8
SGI IRIX 6.5.7
SGI IRIX 6.5.6
SGI IRIX 6.5.5
SGI IRIX 6.5.4
SGI IRIX 6.5.3
SGI IRIX 6.5.2
SGI IRIX 6.5.1
SGI IRIX 6.5
SCO OpenLinux Workstation 3.1.1
SCO OpenLinux Server 3.1.1
HP Webmin-Based Admin 1.0 .01
-
HP HP-UX 11.22
-
HP HP-UX 11.20
-
HP HP-UX 11.11
-
HP HP-UX 11.0
HP Apache-Based Web Server 2.0.43 .00
-
HP HP-UX 11.22
-
HP HP-UX 11.20
-
HP HP-UX 11.11
-
HP HP-UX 11.0
HP Apache-Based Web Server 1.3.27 .00
-
HP HP-UX 11.22
-
HP HP-UX 11.20
-
HP HP-UX 11.11
-
HP HP-UX 11.0
EnGarde Guardian Digital WebTool 1.2
|
|
|
|
Not Vulnerable:
|
Webmin Webmin 1.0 70
+
HP Apache-Based Web Server 1.3.27 .01
+
HP Apache-Based Web Server 1.3.27 .01
+
HP Webmin-Based Admin 1.0.1 .01
+
HP Webmin-Based Admin 1.0.1 .01
+
Turbolinux Turbolinux Server 8.0
+
Turbolinux Turbolinux Server 8.0
+
Turbolinux Turbolinux Server 7.0
+
Turbolinux Turbolinux Server 7.0
+
Turbolinux Turbolinux Workstation 8.0
Webmin Usermin 1.0
SGI IRIX 6.5.20
|
|
|
