Webmin detection 1.1
 
Plugin ID145
Plugin nameWebmin detection
Plugin filenameWebmin detection.plugin
Plugin filesize2567 bytes
Plugin familyCGI
Plugin created nameMarc Ruef
Plugin created emailmarc dot ruef at computec dot ch
Plugin created webhttp://www.computec.ch
Plugin created companycomputec.ch
Plugin created date2004/09/06
Plugin updated nameMarc Ruef
Plugin updated emailmarc dot ruef at computec dot ch
Plugin updated webhttp://www.computec.ch
Plugin updated companycomputec.ch
Plugin updated date2004/11/13
Plugin version1.1
Plugin changelogCorrected the plugin structure and added the accuracy values in 1.1
Plugin protocoltcp
Plugin port10000
Plugin procedure detectionopen|sleep|close|pattern_exists Webmin
Plugin detection accuracy90
Plugin commentThis plugin was written with the ATK Attack Editor.
Bug affectedWebmin
Bug not affectedOther products
Bug vulnerability classConfiguration
Bug descriptionThe target host is running Webmin. This open-source utility provides a web interface for the system and server administration of a Unix host. An attacker may get additional information about the target or gain elevated privileges by breaking the security of Webmin.
Bug solutionDisable the service if it is not needed. Install firewalling to prevent unwanted connections to the Webmin port.
Bug fixing timeApprox. 30 minutes
Bug exploit availabilityYes
Bug remoteYes
Bug localYes
Bug severityMedium
Bug popularity8
Bug simplicity8
Bug impact6
Bug risk7
Bug Nessus riskMedium
Bug check toolsNessus is also able to do the same check.
Source Nessus ID10757
Source LiteratureHacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
Source Misc.http://www.computec.ch

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.