[26870] in bugtraq
Re: Webmin Vulnerability Leads to Remote Compromise (RPC CGI)
daemon@ATHENA.MIT.EDU (Muhammad Faisal Rauf Danka)
Fri Aug 30 11:47:44 2002
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0
Date: Fri, 30 Aug 2002 08:09:17 -0700 (PDT)
From: Muhammad Faisal Rauf Danka <mfrd@attitudex.com>
To: bugtraq@securityfocus.com
Reply-To: mfrd@attitudex.com
Message-Id: <20020830150917.CEDA03960@sitemail.everyone.net>
The problem has been fixed several versions before.
Current version is 0.990
However I am using version 0.980 of webmin.
And the default installation value for rpc in defaultacl file is 2.
[root@linux /]# grep "rpc" /home/admin/webmin-0.980/defaultacl
rpc=2
[root@linux /]#
Regards
--------
Muhammad Faisal Rauf Danka
Head of GemSEC / Chief Technology Officer
Gem Internet Services (Pvt) Ltd.
web: www.gem.net.pk
Key Id: 0x784B0202
Key Fingerprint: 6F8C EDCF 6C6E 06A5 48D7 6A20 C592 484B
784B 0202
_____________________________________________________________
---------------------------
[ATTITUDEX.COM]
http://www.attitudex.com/
---------------------------
_____________________________________________________________
Promote your group and strengthen ties to your members with email@yourgroup.org by Everyone.net http://www.everyone.net/?btn=tag
