Monthly Archives: September 2014

Arbitrary File Deletion as Root in Webmin

A vulnerability exists in Webmin <= 1.680 (CVE-2014-2952) that allows authenticated users to delete arbitrary files on the host server as root. The problem exists in the cron module, specifically in creating a new environment variable (System > Scheduled Cron

Posted in Vulnerability

UT Austin ISO Blog

The University of Texas at Austin Information Security Office shares research and musings with the infosec community via this blog. Stay tuned.

Posted in Uncategorized