Webmin · Usermin · CVE-2003-0101
**Name of the Vulnerable Software and Affected Versions**
Webmin versions prior to 1.070
Usermin versions prior to 1.000
**Description**
The issue arises from the improper handling of metacharacters, such as line feeds and carriage returns (CRLF), in Base-64 encoded strings during Basic authentication. This allows remote attackers to spoof a session ID, potentially leading to the gain of root privileges.
**Recommendations**
For Webmin versions prior to 1.070, update to version 1.070 or later to resolve the issue.
For Usermin versions prior to 1.000, update to version 1.000 or later to resolve the issue.