Year: 2014

Arbitrary File Deletion as Root in Webmin

A vulnerability exists in Webmin <= 1.680 (CVE-2014-2952) that allows authenticated users to delete arbitrary files on the host server as root. The problem exists in the cron module, specifically in creating a new environment variable (System > Scheduled Cron

UT Austin ISO Blog

The University of Texas at Austin Information Security Office shares research and musings with the infosec community via this blog. Stay tuned.