CVE-2002-1947

CVE-2002-1947

EPSS 1.4%

Webmin 0.21 through 1.0 uses the same built-in SSL key for all installations, which allows remote attackers to eavesdrop or highjack the SSL session.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02%3A06.asc http://www.iss.net/security_center/static/10381.php http://www.securityfocus.com/bid/5936 http://www.webmin.com/changes.html