CVE-2002-2360

Webmin - Access Control

Title source: rule

Description

The RPC module in Webmin 0.21 through 0.99, when installed without root or admin privileges, allows remote attackers to read and write to arbitrary files and execute arbitrary commands via remote_foreign_require and remote_foreign_call requests.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Noam Rathaus · perlremotelinux

https://www.exploit-db.com/exploits/21765

View Code ZIP pw:eip

References (4)

[Exploit] http://www.securityfocus.com/bid/5591

[Various Sources] http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-08/0403.html

[Various Sources] http://www.securiteam.com/unixfocus/5CP0R1P80G.html

[Third Party Advisory] http://www.iss.net/security_center/static/9983.php

Scores

EPSS 0.0341

EPSS Percentile 87.5%

Details

CWE

CWE-264

Status published

Products (22)

webmin/webmin 0.21

webmin/webmin 0.22

webmin/webmin 0.31

webmin/webmin 0.41

webmin/webmin 0.42

webmin/webmin 0.51

webmin/webmin 0.76

webmin/webmin 0.77

webmin/webmin 0.78

webmin/webmin 0.79

... and 12 more

Published Dec 31, 2002

Tracked Since Feb 18, 2026