fkie_nvd - fkie_cve-2002-2360

fkie_cve-2002-2360

Vulnerability from fkie_nvd

Published

2002-12-31 05:00

Modified

2025-04-03 01:03

Severity ?

Summary

The RPC module in Webmin 0.21 through 0.99, when installed without root or admin privileges, allows remote attackers to read and write to arbitrary files and execute arbitrary commands via remote_foreign_require and remote_foreign_call requests.

References

URL	Tags
cve@mitre.org	http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-08/0403.html
cve@mitre.org	http://www.iss.net/security_center/static/9983.php
cve@mitre.org	http://www.securiteam.com/unixfocus/5CP0R1P80G.html
cve@mitre.org	http://www.securityfocus.com/bid/5591	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-08/0403.html
af854a3a-2127-422b-91ae-364da2661108	http://www.iss.net/security_center/static/9983.php
af854a3a-2127-422b-91ae-364da2661108	http://www.securiteam.com/unixfocus/5CP0R1P80G.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/5591	Exploit

Impacted products

Vendor	Product	Version
webmin	webmin	0.21
webmin	webmin	0.22
webmin	webmin	0.31
webmin	webmin	0.41
webmin	webmin	0.42
webmin	webmin	0.51
webmin	webmin	0.76
webmin	webmin	0.77
webmin	webmin	0.78
webmin	webmin	0.79
webmin	webmin	0.80
webmin	webmin	0.85
webmin	webmin	0.88
webmin	webmin	0.91
webmin	webmin	0.92
webmin	webmin	0.93
webmin	webmin	0.94
webmin	webmin	0.950
webmin	webmin	0.960
webmin	webmin	0.970
webmin	webmin	0.980
webmin	webmin	0.990

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:webmin:webmin:0.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "84B5A02C-96AB-46FD-A958-86AC0DFD1F2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:0.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB1B8073-C512-4ACA-8E3F-92D46D63FBCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:0.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "B368FAD0-39A7-4115-9327-1D32BECF2F7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:0.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B3D7B7A-0426-4176-A759-E96024DC492D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:0.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E3EFDEE-A99B-4D0E-B6A7-E7C285A5DFBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:0.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C3D4D4-246A-4287-AA42-CFDD0C1AE22A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:0.76:*:*:*:*:*:*:*",
              "matchCriteriaId": "F05CF0BA-0606-42E5-A631-D302FF1D59F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:0.77:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A79B7B3-708A-42E4-B4EF-7746F6292DB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:0.78:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2F06BC0-0418-4A1C-BD4A-B7429A6CEA39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:0.79:*:*:*:*:*:*:*",
              "matchCriteriaId": "1817FDA9-31F4-4D4A-A867-386D2F1CDB1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:0.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "23522A64-FD03-4C5B-9A8A-5E7CDDC65CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:0.85:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9A3F522-6E6D-446C-8694-7AE91F19F1C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:0.88:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBB86BC7-4A99-4C5B-9460-CDDA7C4E4041",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:0.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0813F3-1886-481E-8822-4BD199C4934F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:0.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D25A7CA-ED9D-4562-8965-D4906D1BE5FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F2D028-F2F9-4CE0-A24B-7DB44D488D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:0.94:*:*:*:*:*:*:*",
              "matchCriteriaId": "82EE7A9B-5688-4933-95B9-476873D44A65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:0.950:*:*:*:*:*:*:*",
              "matchCriteriaId": "08068E84-9EE5-4742-B70A-567CD4199604",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:0.960:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C6D5F6A-B34F-4134-959F-C31FC84EBCF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:0.970:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB4FEC51-DD03-418D-8E55-CEE696BE2D74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:0.980:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B9F8F43-F9EC-4BC0-BDF6-EC3EDF5A71F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:webmin:webmin:0.990:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB6865E9-F244-4019-AA4C-3DB1655A6AA0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The RPC module in Webmin 0.21 through 0.99, when installed without root or admin privileges, allows remote attackers to read and write to arbitrary files and execute arbitrary commands via remote_foreign_require and remote_foreign_call requests."
    }
  ],
  "id": "CVE-2002-2360",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2002-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-08/0403.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.iss.net/security_center/static/9983.php"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securiteam.com/unixfocus/5CP0R1P80G.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/5591"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-08/0403.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.iss.net/security_center/static/9983.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securiteam.com/unixfocus/5CP0R1P80G.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/5591"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2002-2360 (GCVE-0-2002-2360)

Vulnerability from cvelistv5

Published

2007-10-29 19:00