Home 2014 September
Month: September 2014

Arbitrary File Deletion as Root in Webmin

Posted on by jgor Posted in Vulnerability 2 Comments ↓

A vulnerability exists in Webmin <= 1.680 (CVE-2014-2952) that allows authenticated users to delete arbitrary files on the host server as root. The problem exists in the cron module, specifically in creating a new environment variable (System > Scheduled Cron

Read more ›

UT Austin ISO Blog

Posted on by Charles Scott Posted in Uncategorized No Comments ↓

The University of Texas at Austin Information Security Office shares research and musings with the infosec community via this blog. Stay tuned.