{ "id": "CVE-2002-1673", "sourceIdentifier": "cve@mitre.org", "published": "2002-12-31T05:00:00.000", "lastModified": "2017-07-11T01:29:19.697", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "The web interface for Webmin 0.92 does not properly quote or filter script code in files that are displayed to the interface, which allows local users to execute script and possibly steal cookies by inserting the script into certain files or fields, such as a real user name entry in the passwd file." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "NONE", "baseScore": 3.6 }, "baseSeverity": "LOW", "exploitabilityScore": 3.9, "impactScore": 4.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:webmin:webmin:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "30E3CF12-D0B7-4C7F-96C8-36A3FAFA8EDF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:webmin:webmin:0.2:*:*:*:*:*:*:*", "matchCriteriaId": "C808C470-F0A1-4338-A988-3968EABE78E0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:webmin:webmin:0.3:*:*:*:*:*:*:*", "matchCriteriaId": "C16685C0-94E9-4AE6-8221-1D32112808F6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:webmin:webmin:0.4:*:*:*:*:*:*:*", "matchCriteriaId": "EDACA626-1687-4192-A2E8-C74823B715A5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:webmin:webmin:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "A9641C23-B30A-4CB2-A348-BD708F68F90A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:webmin:webmin:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "0852A462-22ED-422D-A454-0A6E026D9AD0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:webmin:webmin:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "97FEF73D-767D-4BF2-AA12-67268719A404" }, { "vulnerable": true, "criteria": "cpe:2.3:a:webmin:webmin:0.21:*:*:*:*:*:*:*", "matchCriteriaId": "84B5A02C-96AB-46FD-A958-86AC0DFD1F2A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:webmin:webmin:0.22:*:*:*:*:*:*:*", "matchCriteriaId": "BB1B8073-C512-4ACA-8E3F-92D46D63FBCF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:webmin:webmin:0.31:*:*:*:*:*:*:*", "matchCriteriaId": "B368FAD0-39A7-4115-9327-1D32BECF2F7E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:webmin:webmin:0.41:*:*:*:*:*:*:*", "matchCriteriaId": "2B3D7B7A-0426-4176-A759-E96024DC492D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:webmin:webmin:0.42:*:*:*:*:*:*:*", "matchCriteriaId": "1E3EFDEE-A99B-4D0E-B6A7-E7C285A5DFBC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:webmin:webmin:0.51:*:*:*:*:*:*:*", "matchCriteriaId": "50C3D4D4-246A-4287-AA42-CFDD0C1AE22A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:webmin:webmin:0.76:*:*:*:*:*:*:*", "matchCriteriaId": "F05CF0BA-0606-42E5-A631-D302FF1D59F0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:webmin:webmin:0.77:*:*:*:*:*:*:*", "matchCriteriaId": "6A79B7B3-708A-42E4-B4EF-7746F6292DB5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:webmin:webmin:0.78:*:*:*:*:*:*:*", "matchCriteriaId": "E2F06BC0-0418-4A1C-BD4A-B7429A6CEA39" }, { "vulnerable": true, "criteria": "cpe:2.3:a:webmin:webmin:0.79:*:*:*:*:*:*:*", "matchCriteriaId": "1817FDA9-31F4-4D4A-A867-386D2F1CDB1C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:webmin:webmin:0.80:*:*:*:*:*:*:*", "matchCriteriaId": "23522A64-FD03-4C5B-9A8A-5E7CDDC65CEE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:webmin:webmin:0.83:*:*:*:*:*:*:*", "matchCriteriaId": "DFD94AA9-CABA-4FC8-8367-D5D9D8B4F623" }, { "vulnerable": true, "criteria": "cpe:2.3:a:webmin:webmin:0.84:*:*:*:*:*:*:*", "matchCriteriaId": "35B136CA-47BF-46DE-885A-9E74EBDE5306" }, { "vulnerable": true, "criteria": "cpe:2.3:a:webmin:webmin:0.85:*:*:*:*:*:*:*", "matchCriteriaId": "E9A3F522-6E6D-446C-8694-7AE91F19F1C7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:webmin:webmin:0.88:*:*:*:*:*:*:*", "matchCriteriaId": "DBB86BC7-4A99-4C5B-9460-CDDA7C4E4041" }, { "vulnerable": true, "criteria": "cpe:2.3:a:webmin:webmin:0.91:*:*:*:*:*:*:*", "matchCriteriaId": "0B0813F3-1886-481E-8822-4BD199C4934F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:webmin:webmin:0.92:*:*:*:*:*:*:*", "matchCriteriaId": "6D25A7CA-ED9D-4562-8965-D4906D1BE5FA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:webmin:webmin:0.92.1:*:*:*:*:*:*:*", "matchCriteriaId": "C5C38C77-246F-41A9-A3D5-99C2DDA1DAE1" } ] } ] } ], "references": [ { "url": "http://www.securityfocus.com/bid/4329", "source": "cve@mitre.org", "tags": [ "Exploit", "Patch" ] }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8596", "source": "cve@mitre.org" } ] }