Test ID:	1.3.6.1.4.1.25623.1.0.11279
Category:	Gain root remotely
Title:	Webmin Session ID Spoofing
Summary:	NOSUMMARY
Description:	Description: The remote server is running a version of Webmin which is vulnerable to Session ID spoofing. An attacker may use this flaw to log in as admin on this host, and basically gain full control on it Solution : upgrade to webmin 1.070 Risk factor : High
Cross-Ref:	BugTraq ID: 6915 Common Vulnerability Exposure (CVE) ID: CVE-2003-0101 http://www.securityfocus.com/bid/6915 Bugtraq: 20030224 GLSA: usermin (200302-14) (Google Search) http://marc.info/?l=bugtraq&m=104610336226274&w=2 Bugtraq: 20030224 Webmin 1.050 - 1.060 remote exploit (Google Search) http://marc.info/?l=bugtraq&m=104610245624895&w=2 Bugtraq: 20030224 [SNS Advisory No.62] Webmin/Usermin Session ID Spoofing Vulnerability "Episode 2" (Google Search) http://marc.info/?l=bugtraq&m=104610300325629&w=2 Computer Incident Advisory Center Bulletin: N-058 http://www.ciac.org/ciac/bulletins/n-058.shtml Debian Security Information: DSA-319 (Google Search) http://www.debian.org/security/2003/dsa-319 En Garde Linux Advisory: ESA-20030225-006 http://archives.neohapsis.com/archives/linux/engarde/2003-q1/0008.html HPdes Security Advisory: HPSBUX0303-250 http://archives.neohapsis.com/archives/hp/2003-q1/0063.html http://www.mandriva.com/security/advisories?name=MDKSA-2003:025 http://www.lac.co.jp/security/english/snsadv_e/62_e.html http://www.securitytracker.com/id?1006160 http://secunia.com/advisories/8115 http://secunia.com/advisories/8163 SGI Security Advisory: 20030602-01-I ftp://patches.sgi.com/support/free/security/advisories/20030602-01-I http://www.iss.net/security_center/static/11390.php
Copyright	This script is Copyright (C) 2003 Renaud Deraison

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.