Menu
▾
▴
Re: Webmin Doesn't Clean Env (root exploit) (fwd)
|
From: Jamie C. <jca...@we...> - 2001-05-29 00:47:27
|
Not really - it doensn't happen in session authentication mode, which is the default in webmin 0.85. However, if you are still using the old traditional HTTP authentication then it will be a problem .. Version 0.86 will be out really soon which will fix this properly in both modes. - Jamie "Ryan W. Maple" wrote: > > Jamie, is this fixed in the latest version? I re-wrote the part of the > code that restarts apache but I am not cleaning the environment either, > making the WebTool succeptable to this bug too. > > -r > > +-- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --+ > Ryan W. Maple Guardian Digital, Inc. > "Expanding exponentially, like some recursive virus." -Phish > +-- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --+ > > ---------- Forwarded message ---------- > Date: Sat, 26 May 2001 16:55:35 -0400 > From: J. Nick Koston <ni...@bu...> > To: bu...@se... > Subject: Webmin Doesn't Clean Env (root exploit) > > Not sure if this is known, however I know I've seen quite a few people > still using webmin 0.84. > > Webmin doesn't seem to clean the env properly when starting apache > (probably in other cases as well) > > It leaves the var HTTP_AUTHORIZATION set. All you need to do is run > it though a mime 64 decode and you have the login and password to > webmin. (it also leaves SERVER_PORT set so there should be no problem > figuring out where the webmin is) > > You can best see the effects by: > > 1. Kill Apache > 2. Start Apache will webmin > 3. Goto a <?php phpinfo() ?> page and look at the vars > > The good news is that webmin 0.85 doesn't seem to have this problem > because if doesn't use the same type of auth. This only seems to > affect webmin 0.84 and earlier. > > Nick |
