PT-2005-1489 · Webmin · Webmin
Tavis Ormandy · Published 2005-02-15 · Updated 2017-07-11 · CVE-2005-0427
CVSS v2.0: 5.0 (Medium)
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Webmin versions prior to 1.170-r3
Description
The issue allows remote attackers to obtain the encrypted root password, which could potentially be cracked. This occurs because the ebuild of Webmin on Gentoo Linux includes the encrypted root password in the miniserv.users file when building a tbz2 of the webmin package.
Recommendations
For versions prior to 1.170-r3, update to version 1.170-r3 or later to resolve the issue. As a temporary workaround, consider restricting access to the miniserv.users file to minimize the risk of exploitation.
Fix
Related identifiers
Affected products
Webmin