Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:PKG:WEBMIN-BRUTE

Severity

 Medium

Recommended

 No

Category

 HTTP

Keywords

 Webmin Administrator Password Brute Force

Release Date

 2005/08/04

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Webmin Administrator Password Brute Force


This signature detects an attempt to brute-force a Webmin server into disclosing the Administrator's password.

Extended Description

Webmin is prone to multiple unspecified vulnerabilities that may allow an attacker to disclose sensitive information and carry out denial of service attacks against legitimate users of the application. The first issue can allow a user to disclose sensitive configuration information about any module regardless of the user's privileges. The second issue can allow an attacker to send fake credentials to the application that results in locking out legitimate users of Webmin. Webmin versions 1.140 and prior are affected by these issues.

Affected Products

  • Conectiva Linux 10.0.0
  • Debian Linux 3.0.0
  • Debian Linux 3.0.0 Alpha
  • Debian Linux 3.0.0 Arm
  • Debian Linux 3.0.0 Hppa
  • Debian Linux 3.0.0 Ia-32
  • Debian Linux 3.0.0 Ia-64
  • Debian Linux 3.0.0 M68k
  • Debian Linux 3.0.0 Mips
  • Debian Linux 3.0.0 Mipsel
  • Debian Linux 3.0.0 Ppc
  • Debian Linux 3.0.0 S/390
  • Debian Linux 3.0.0 Sparc
  • Webmin 0.1.0
  • Webmin 0.2.0
  • Webmin 0.21.0
  • Webmin 0.22.0
  • Webmin 0.3.0
  • Webmin 0.31.0
  • Webmin 0.4.0
  • Webmin 0.41.0
  • Webmin 0.42.0
  • Webmin 0.5.0
  • Webmin 0.5.0 x
  • Webmin 0.51.0
  • Webmin 0.6.0
  • Webmin 0.7.0
  • Webmin 0.76.0
  • Webmin 0.77.0
  • Webmin 0.78.0
  • Webmin 0.79.0
  • Webmin 0.80.0
  • Webmin 0.8.3
  • Webmin 0.8.4
  • Webmin 0.85.0
  • Webmin 0.8.5 Red Hat
  • Webmin 0.88.0
  • Webmin 0.89.0
  • Webmin 0.91.0
  • Webmin 0.92.0
  • Webmin 0.92.0 -1
  • Webmin 0.93.0
  • Webmin 0.94.0
  • Webmin 0.950.0
  • Webmin 0.960.0
  • Webmin 0.970.0
  • Webmin 0.980.0
  • Webmin 0.990.0
  • Webmin 1.0.0 00
  • Webmin 1.0.0 20
  • Webmin 1.0.0 50
  • Webmin 1.0.0 60
  • Webmin 1.0.0 70
  • Webmin 1.0.0 80
  • Webmin 1.0.0 90
  • Webmin 1.110.0
  • Webmin 1.121.0
  • Webmin 1.130.0
  • Webmin 1.140.0

References

  • BugTraq: 10474
  • CVE: CVE-2004-0583
  • URL: http://www.securityfocus.com/bid/10523
  • URL: http://www.webmin.com/changes-1.150.html
  • URL: http://marc.theaimsgroup.com/?l=bugtraq&m=108737059313829&w=2

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out