Re: Security Problems with webmin?

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Gehrigal - Webminprojects wrote:
> 
> Hi All
> 
> Today i found an article about security problems by using webmin. Does
> anybody know this. And is there an solution?
> 
> Articel (http://www.suse.de/de/support/security/2001_016_sgmltool_txt.txt):
> 
> <----snip--->
> webmin
> Insecure handling of temporary files has been found in webmin, a
> comprehensive administration webinterface. SuSE distributions do not
> contain the webmin package and therefore are not vulnerable to the
> found vulnerabilities by default. We urge administrators who use
> webmin to upgrade to the latest version of webmin available.
> 
> <----snip--->

I guess they are referring to a problem in versions before 0.89 , in
which custom commands with the "Use user's environment?" option set
created a temp file with mode 777 and then executed it. But that is 
fixed now ..

 - Jamie

Re: Security Problems with webmin?

A web-based interface for system administration of UNIX

Re: Security Problems with webmin?