News

Flaw found in Unix/Linux admin tool

Arif Mohamed
A flaw in two popular Unix and Linux administration consoles could lead to systems being compromised, according to an alert from security firm Secunia.

The bug in Usermin, a widely used administration console for Unix and Linux, could allow the introduction of rogue shell code when a user views a particular e-mail via the web. The attacking code would assume the privileges of the Usermin administrator.

Usermin lets users administer their own accounts on a network via a web-based interface and lets them carry out functions such as reading e-mail online.

In its advisory, Secunia gave the vulnerability a "highly critical" rating - its second most severe category.

Also affected is Webmin, a system administration tool that ships with Linux distributions such as Suse, Mandrake and Gentoo. Webmin contains Usermin functions, including the vulnerable web mail feature, Secunia said.

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy