CVE-2011-1937
Vulnerability from cvelistv5
Published
2011-05-31 20:00
Modified
2024-08-06 22:46
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in Webmin 1.540 and earlier allows local users to inject arbitrary web script or HTML via a chfn command that changes the real (aka Full Name) field, related to useradmin/index.cgi and useradmin/user-lib.pl.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:46:00.806Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20110524 Re: CVE Request: Webmin Local Privilege Escalation Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/05/24/7"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.youtube.com/watch?v=CUO7JLIGUf0"
          },
          {
            "name": "1025438",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1025438"
          },
          {
            "name": "20110424 XSS in Webmin 1.540 + exploit for privilege escalation",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/517658"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/webmin/webmin/commit/46e3d3ad195dcdc1af1795c96b6e0dc778fb6881"
          },
          {
            "name": "[oss-security] 20110522 CVE Request: Webmin Local Privilege Escalation Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/05/22/1"
          },
          {
            "name": "MDVSA-2011:109",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:109"
          },
          {
            "name": "8264",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/8264"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://javierb.com.ar/2011/04/24/xss-webmin-1-540/"
          },
          {
            "name": "47558",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/47558"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-04-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in Webmin 1.540 and earlier allows local users to inject arbitrary web script or HTML via a chfn command that changes the real (aka Full Name) field, related to useradmin/index.cgi and useradmin/user-lib.pl."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-09-07T09:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "[oss-security] 20110524 Re: CVE Request: Webmin Local Privilege Escalation Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/05/24/7"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.youtube.com/watch?v=CUO7JLIGUf0"
        },
        {
          "name": "1025438",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1025438"
        },
        {
          "name": "20110424 XSS in Webmin 1.540 + exploit for privilege escalation",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/517658"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/webmin/webmin/commit/46e3d3ad195dcdc1af1795c96b6e0dc778fb6881"
        },
        {
          "name": "[oss-security] 20110522 CVE Request: Webmin Local Privilege Escalation Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/05/22/1"
        },
        {
          "name": "MDVSA-2011:109",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:109"
        },
        {
          "name": "8264",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/8264"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://javierb.com.ar/2011/04/24/xss-webmin-1-540/"
        },
        {
          "name": "47558",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/47558"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2011-1937",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in Webmin 1.540 and earlier allows local users to inject arbitrary web script or HTML via a chfn command that changes the real (aka Full Name) field, related to useradmin/index.cgi and useradmin/user-lib.pl."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20110524 Re: CVE Request: Webmin Local Privilege Escalation Vulnerability",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/05/24/7"
            },
            {
              "name": "http://www.youtube.com/watch?v=CUO7JLIGUf0",
              "refsource": "MISC",
              "url": "http://www.youtube.com/watch?v=CUO7JLIGUf0"
            },
            {
              "name": "1025438",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1025438"
            },
            {
              "name": "20110424 XSS in Webmin 1.540 + exploit for privilege escalation",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/517658"
            },
            {
              "name": "https://github.com/webmin/webmin/commit/46e3d3ad195dcdc1af1795c96b6e0dc778fb6881",
              "refsource": "CONFIRM",
              "url": "https://github.com/webmin/webmin/commit/46e3d3ad195dcdc1af1795c96b6e0dc778fb6881"
            },
            {
              "name": "[oss-security] 20110522 CVE Request: Webmin Local Privilege Escalation Vulnerability",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2011/05/22/1"
            },
            {
              "name": "MDVSA-2011:109",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:109"
            },
            {
              "name": "8264",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/8264"
            },
            {
              "name": "http://javierb.com.ar/2011/04/24/xss-webmin-1-540/",
              "refsource": "MISC",
              "url": "http://javierb.com.ar/2011/04/24/xss-webmin-1-540/"
            },
            {
              "name": "47558",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/47558"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-1937",
    "datePublished": "2011-05-31T20:00:00",
    "dateReserved": "2011-05-09T00:00:00",
    "dateUpdated": "2024-08-06T22:46:00.806Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2011-1937\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2011-05-31T20:55:05.173\",\"lastModified\":\"2011-09-22T03:31:09.443\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cross-site scripting (XSS) vulnerability in Webmin 1.540 and earlier allows local users to inject arbitrary web script or HTML via a chfn command that changes the real (aka Full Name) field, related to useradmin/index.cgi and useradmin/user-lib.pl.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Webmin 1.540 y versiones anteriores permite a usuarios remotos inyectar codigo de script web o c\u00f3digo HTML de su elecci\u00f3n a trav\u00e9s de un comando chfn que modifica el campo real (Full Name). Relacionado con useradmin/index.cgi y useradmin/user-lib.pl.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\",\"baseScore\":4.3},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.540\",\"matchCriteriaId\":\"99196F59-548C-40FD-9EA7-6200901120E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:0.75:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"180192C4-DDF9-4278-A213-24A91137D4FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:0.76:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F05CF0BA-0606-42E5-A631-D302FF1D59F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:0.77:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A79B7B3-708A-42E4-B4EF-7746F6292DB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:0.78:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2F06BC0-0418-4A1C-BD4A-B7429A6CEA39\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:0.79:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1817FDA9-31F4-4D4A-A867-386D2F1CDB1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:0.80:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23522A64-FD03-4C5B-9A8A-5E7CDDC65CEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:0.81:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"192B0ED0-5967-4169-A644-1DAB8D4BF981\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:0.82:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2B5EE2D-9105-4BD5-B298-34DFB332A728\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:0.83:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFD94AA9-CABA-4FC8-8367-D5D9D8B4F623\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:0.84:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35B136CA-47BF-46DE-885A-9E74EBDE5306\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:0.85:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9A3F522-6E6D-446C-8694-7AE91F19F1C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:0.86:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9B426CD-5105-4EDE-8ED5-991C6B712DF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:0.87:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE21BBCF-6F4B-4EEA-B80B-2AE46B6FB2ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:0.88:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBB86BC7-4A99-4C5B-9460-CDDA7C4E4041\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:0.91:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B0813F3-1886-481E-8822-4BD199C4934F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:0.92:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D25A7CA-ED9D-4562-8965-D4906D1BE5FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:0.93:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1F2D028-F2F9-4CE0-A24B-7DB44D488D4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:0.94:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82EE7A9B-5688-4933-95B9-476873D44A65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:0.950:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08068E84-9EE5-4742-B70A-567CD4199604\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:0.960:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C6D5F6A-B34F-4134-959F-C31FC84EBCF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:0.970:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB4FEC51-DD03-418D-8E55-CEE696BE2D74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:0.980:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B9F8F43-F9EC-4BC0-BDF6-EC3EDF5A71F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:0.990:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB6865E9-F244-4019-AA4C-3DB1655A6AA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17054066-DE7F-4BE7-A2DA-9426DE6B7D3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.010:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C04909C-17D9-46FF-BCCF-45F2531A1B6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.020:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B12A859-CFE1-46B7-B607-AF5BB6F5A081\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.030:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"860599C2-ED30-454A-8ABA-D62F6019D1E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.040:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92F68614-84A3-4CB8-9481-9D3D089FF3E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.050:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1539E34-B384-4882-953E-896971C1E8AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.060:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"784B61DA-2890-4B4C-9D07-258A2C183132\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.070:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E91A2F5-2C56-4D5E-BBC7-F48BF458C264\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.080:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CE691D3-3A39-4B95-BD15-562D8A80BAE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.090:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE8E9AF8-6660-45F7-BF4A-B9C71CED7A68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.100:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84063206-CEF4-4829-A74A-55C767923D5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.110:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D885CB6A-06E9-416C-93D2-9C5A9931CF56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.121:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97FE2F9D-C573-44BB-A542-8512FD27D130\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.130:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8209350C-BD76-43E2-9E81-CECD03A214B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.140:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86FB60E8-8A87-4838-8144-1FCFB8C382FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.150:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A98A70E1-A1BD-45A6-A409-97B7FAA07E5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.160:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09CB193D-3D6B-4680-8490-6FAA714C45A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.170:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"471E5FDB-0C34-4D3A-BACC-1EADE1ADCE83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.180:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F97EC65B-0E6A-4F25-B7DC-1C1297173684\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.190:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4390E10A-027E-423E-ABE3-86099074B4AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.200:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B44FF660-7348-4F60-BE4D-1815C095C88A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.210:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7350164E-520E-4BA0-8C51-19EE7D1E5FA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.220:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B2E5B42-C492-4F59-B250-C40095CF2582\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.230:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4155856-F5A3-4125-952E-82E93DDDE088\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.240:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB0BE82F-EC96-428E-871B-1332045EE9C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.250:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B80E81F6-2A96-4014-8045-FC0C1B4CEB1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.260:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D38FB71E-4663-48EC-8164-105AF85AEB51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.270:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A95386F4-123A-407A-A735-F12FD9711BEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.280:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"030A8C8C-D60D-467D-80CE-B2B00572F05F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.290:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CE7F5BF-2B5D-44B4-8865-90E58771239C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.300:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41462964-E5BA-4182-ABF4-54ECD5D97DAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.310:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85AAE04F-4530-454A-AC2C-2581197EAD0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.320:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F2634CD-846C-4343-B50F-21AD7380212B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.330:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60489FB9-5D98-4611-8FBE-7F6A901BBFA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.340:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85A8F9EA-7A8D-4BA9-9732-DE93388800A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.350:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D4C622D-6ED7-4F11-A43B-FE00B088CEAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.360:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"080FCFDE-557E-4D35-8701-96AC28381ADF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.370:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E948F223-D365-4D5B-9C2B-FB064F8DC00B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.380:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF07B559-9FEE-40FF-AA85-0018998F7E22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.390:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B767E9C-D321-4972-BF7A-B5E62956D6CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.400:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F97A0281-1C70-4476-9441-400C83AB39E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.410:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46563F83-035B-49AF-94B4-909CE53945D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.420:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75736565-8B44-48C2-92AE-AF4B19A5C18D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.430:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A50E69D-EE5A-4DC7-A884-F6B10E677E4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.440:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19FCDACE-0BB2-4891-94BE-5E8F1BB72386\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.441:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4462604D-A3FE-4DA4-A401-59AA433686A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.450:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EE2A989-3136-4B0F-AA9C-4C002532FCB3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.460:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF407748-7342-487E-86B9-038361C09B45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.470:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4F2FAD3-E922-4E17-95EC-E6D2F1BC9778\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.480:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0D66B84-678C-4568-8543-319A9C4D4116\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.490:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C548C2A-18F0-43F0-A98B-B730E33B0A87\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.500:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CD4CB9A-2C24-4548-8204-D936927F8362\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.510:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1582111F-8C80-41C9-84D5-8C2BAD1511C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.520:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97A98749-3256-4027-8AF0-F9756AA96CA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmin:webmin:1.530:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A7B281C-00C6-405A-AC41-0C29E29AB412\"}]}]}],\"references\":[{\"url\":\"http://javierb.com.ar/2011/04/24/xss-webmin-1-540/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://openwall.com/lists/oss-security/2011/05/22/1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/05/24/7\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://securityreason.com/securityalert/8264\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://securitytracker.com/id?1025438\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2011:109\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/517658\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securityfocus.com/bid/47558\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.youtube.com/watch?v=CUO7JLIGUf0\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\"]},{\"url\":\"https://github.com/webmin/webmin/commit/46e3d3ad195dcdc1af1795c96b6e0dc778fb6881\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...
  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.