Flaw found in Unix/Linux admin tool

A flaw in two popular Unix and Linux administration consoles could lead to systems being compromised, according to an alert from...

A flaw in two popular Unix and Linux administration consoles could lead to systems being compromised, according to an alert from security firm Secunia.

The bug in Usermin, a widely used administration console for Unix and Linux, could allow the introduction of rogue shell code when a user views a particular e-mail via the web. The attacking code would assume the privileges of the Usermin administrator.

Usermin lets users administer their own accounts on a network via a web-based interface and lets them carry out functions such as reading e-mail online.

In its advisory, Secunia gave the vulnerability a "highly critical" rating - its second most severe category.

Also affected is Webmin, a system administration tool that ships with Linux distributions such as Suse, Mandrake and Gentoo. Webmin contains Usermin functions, including the vulnerable web mail feature, Secunia said.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on Antivirus, firewall and IDS products

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close