Flaw found in Unix/Linux admin tool
A flaw in two popular Unix and Linux administration consoles could lead to systems being compromised, according to an alert from...
The importance of web security
Join us as we take a look at the different approaches you can take in order to bolster your web security. We find out how to identify and address overlooked web security vulnerabilities, how security controls affect web security assessment results and why web opportunities must be met with appropriate security controls.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.
The bug in Usermin, a widely used administration console for Unix and Linux, could allow the introduction of rogue shell code when a user views a particular e-mail via the web. The attacking code would assume the privileges of the Usermin administrator.
Usermin lets users administer their own accounts on a network via a web-based interface and lets them carry out functions such as reading e-mail online.
In its advisory, Secunia gave the vulnerability a "highly critical" rating - its second most severe category.
Also affected is Webmin, a system administration tool that ships with Linux distributions such as Suse, Mandrake and Gentoo. Webmin contains Usermin functions, including the vulnerable web mail feature, Secunia said.
Start the conversation
0 comments