← CVECheck
HomeVulnerabilities

CVE-2002-0757 — HIGH severity vulnerability ((1) Webmin 0.96 and (2) Usermin 0.90 with password timeouts)

(1) Webmin 0.96 and (2) Usermin 0.90 with password timeouts enabled allow local and possibly remote attackers to bypass authentication and gain privileges via certain control characters in the authentication information, which can force Webmin or Usermin to accept arbitrary username/session ID combinations.

CVE IDCVE-2002-0757
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2002-08-12
Last modified2026-04-16
Description(1) Webmin 0.96 and (2) Usermin 0.90 with password timeouts enabled allow local and possibly remote attackers to bypass authentication and gain privileges via certain control characters in the authentication information, which can force Webmin or Usermin to accept arbitrary username/session ID combinations.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →