CVE-2024-45692

Webmin before 2.202 and Virtualmin before 7.20.2 allow a network traffic loop via spoofed UDP packets on port 10000.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:virtualmin:virtualmin:*:*:*:*:*:*:*:*
cpe:2.3:a:webmin:webmin:*:*:*:*:*:*:*:*

History

05 Sep 2024, 21:35

Type Values Removed Values Added
References () https://cispa.de/en/loop-dos - () https://cispa.de/en/loop-dos - Technical Description
References () https://webmin.com - () https://webmin.com - Product
References () https://www.openwall.com/lists/oss-security/2024/09/04/1 - () https://www.openwall.com/lists/oss-security/2024/09/04/1 - Mailing List
First Time Virtualmin
Webmin webmin
Webmin
Virtualmin virtualmin
CPE cpe:2.3:a:virtualmin:virtualmin:*:*:*:*:*:*:*:*
cpe:2.3:a:webmin:webmin:*:*:*:*:*:*:*:*

05 Sep 2024, 14:35

Type Values Removed Values Added
CWE CWE-835
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5

05 Sep 2024, 12:53

Type Values Removed Values Added
Summary
  • (es) Webmin anterior a 2.202 y Virtualmin anterior a 7.20.2 permiten un bucle de tráfico de red a través de paquetes UDP falsificados en el puerto 10000.

04 Sep 2024, 23:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-04 23:15

Updated : 2024-09-05 21:35


NVD link : CVE-2024-45692

Mitre link : CVE-2024-45692

CVE.ORG link : CVE-2024-45692


JSON object : View

Products Affected

virtualmin

  • virtualmin

webmin

  • webmin
CWE
CWE-835

Loop with Unreachable Exit Condition ('Infinite Loop')