Webmin Authentication Information Leakage Vulnerability
CVE-2001-1074 · HIGH Severity
AV:L/AC:L/AU:N/C:C/I:C/A:C
Webmin 0.84 and earlier does not properly clear the HTTP_AUTHORIZATION environment variable when the web server is restarted, which makes authentication information available to all CGI programs and allows local users to gain privileges.
Learn more about our Cis Benchmark Audit For Server Software.