CVE-2004-0583

NameCVE-2004-0583
DescriptionThe account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, which allows remote attackers to conduct a brute force attack to guess user IDs and passwords.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-526

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
userminsource(unstable)1.090-1
webminsourcewoody0.94-7woody2DSA-526
webminsource(unstable)1.150-1

Search for package or bug name: Reporting problems