Insecure Encryption of Root Password in Webmin Ebuild on Gentoo Linux

Insecure Encryption of Root Password in Webmin Ebuild on Gentoo Linux

CVE-2005-0427 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The ebuild of Webmin before 1.170-r3 on Gentoo Linux includes the encrypted root password in the miniserv.users file when building a tbz2 of the webmin package, which allows remote attackers to obtain and possibly crack the encrypted password.

Learn more about our Cis Benchmark Audit For Debian Family Linux.