Re: [webmin-l] hacker attempt to get /etc/shadow

[Jamie C. <jca...@we...>]

On 2/Sep/2006 09:53 Obantec Support wrote ..
> 
> ----- Original Message ----- 
> From: "Jamie Cameron" <jca...@we...>
> To: "Webmin users list" <web...@li...>
> Sent: Saturday, September 02, 2006 4:25 PM
> Subject: Re: [webmin-l] hacker attempt to get /etc/shadow
> 
> 
> > On 2/Sep/2006 04:26 Obantec Support wrote ..
> > > Hi
> > >
> > > any idea what this is in /var/webmin/miniserv.error
> > >
> > > [26/Aug/2000] [24.119.41.35]
> > >
> /unauthenticated//..
/..
/..
/..
/..
/..
/..
/..
/..
/..
/..
/..
/..
/..
/..
> > >
> 
/..
/..
/..
/..
/..
/..
/..
/..
/..
/..
/..
/..
/..
/..
/..
/..
/..
/..
/..
> > >
> 
/..
/..
/..
/..
/..
/..
/..
/..
/..
/..
/..
/..
/..
/..
/..
/..
/..
/..
/..
> > > 
/..
/..
/..
/..
/..
/..
/..
/..
//etc/shadow : File not found
> > >
> > > errors above and below are 2006 so the date is odd!
> >
> > This looks like an attempt to exploit a bug in Webmin that existed in
> versions
> > before 1.290, which could be used to access any file on the system
> (including
> > /etc/shadow). I strongly recommend upgrading to 1.290 if you haven't
> already ..
>
> I am running 1.290

In that case, you don't have to worry .. this was a failed attempt to
exploit the bug that was blocked and recorded in your log.

 - Jamie