I've always avoided Webmin, having briefly looked at it a long time ago, but
Redhat's "Cockpit" [1] seems more interesting nowadays. Has anyone looked at
it? I suspect it is more closely linked to a Redhat/Fedora style server (than Debian,
which I use) but I trust the Redhat people regarding security in general.
[1] https://cockpit-project.org/
Cheers, Alastair
On Sat, Sep 7, 2019, at 8:26 AM, Keith Williams wrote:
It seems that the exploit would only work if you had it set up so that users were
allowed to log in with expired passwords, which seems a daft setting.
I have been a webmin user for a few years now, but find I use it less and less as its
usefulness declines rapidly as other software changes. I think it is a tool that has had
its day, to be honest.
On Fri, 6 Sep 2019 at 22:57, Ian Watters <lovingboth(a)gmail.com> wrote:
One that caught one server in the past month was webmin's, where one
version was hacked with a backdoor that would by default let an attacker
run code as root, and later versions could also do so, depending on
how they'd been set up.
http://www.webmin.com/exploit.html
It didn't help that it's easy to let webmin update itself rather than
using the usual Debian apt / apt-get utilities and, if you don't use
it very often, it's easy to miss an update release.
What it did was install something listening to port 59000. As that
port (and almost all others) has always been blocked by the firewall,
it doesn't seem to have done anything bad, but it's rebuild on a fresh
VPS and destroy it time.
Ian, knowing that Andy has always disliked webmin...
_______________________________________________
users mailing list
users(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/users
--
Alastair Sherringham
http://www.sherringham.net
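Ian's point above is that the backdoored webmin showed up as an extra listener on port 59000 that the firewall happened to block. A cheap way to catch that class of change is to compare the host's listening TCP sockets against an allowlist of ports you expect. The script below is an added example written for this thread, not code from the list, Debian or the Webmin project. It parses the line format of `ss -Hltnp` (iproute2 on Linux), and the allowlist and the sample `ss` output are constructed assumptions: sshd on 22, a web server on 80/443 and Webmin on its default port 10000, plus one rogue listener standing in for the one Ian describes.

```python
#!/usr/bin/env python3
"""Flag listening TCP sockets that are not on an expected-port allowlist.

Added example for the webmin backdoor discussion; not code from the mailing
list or from the Webmin project. Parses `ss -Hltnp` output (Linux iproute2)
and reports listeners whose port is not expected, which is how a backdoor
that opens an extra port shows up even when the firewall drops the traffic.
"""
import re
import subprocess
from dataclasses import dataclass
from typing import Iterable, List, Optional, Set

# Assumption: ports a small Debian VPS in this setup is expected to expose
# (sshd, a web server, and Webmin on its default port 10000).
ALLOWED_PORTS: Set[int] = {22, 80, 443, 10000}

# Constructed sample of `ss -Hltnp` output; not captured from a real host.
# The last IPv4 line plays the role of the unexpected listener from the thread.
SAMPLE_SS_OUTPUT = """\
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*    users:(("sshd",pid=611,fd=3))
LISTEN 0      511          0.0.0.0:80        0.0.0.0:*    users:(("nginx",pid=702,fd=6))
LISTEN 0      128          0.0.0.0:10000     0.0.0.0:*    users:(("miniserv.pl",pid=845,fd=5))
LISTEN 0      128          0.0.0.0:59000     0.0.0.0:*    users:(("perl",pid=9021,fd=3))
LISTEN 0      128             [::]:22           [::]:*    users:(("sshd",pid=611,fd=4))
"""


@dataclass(frozen=True)
class Listener:
    addr: str
    port: int
    process: str
    pid: Optional[int]


# Local address field looks like "0.0.0.0:22" or "[::]:22"; the greedy .* keeps
# everything up to the last colon as the address so IPv6 brackets survive.
_LOCAL_RE = re.compile(r"^(?P<addr>.*):(?P<port>\d+)$")
# Process info looks like users:(("sshd",pid=611,fd=3)); take the first entry.
_PROC_RE = re.compile(r'\("(?P<name>[^"]+)",pid=(?P<pid>\d+)')


def parse_ss(output: str) -> List[Listener]:
    """Turn `ss -Hltnp` lines into Listener records; skips malformed lines."""
    listeners: List[Listener] = []
    for line in output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        m = _LOCAL_RE.match(fields[3])
        if not m:
            continue
        proc = _PROC_RE.search(line)
        listeners.append(Listener(
            addr=m.group("addr"),
            port=int(m.group("port")),
            process=proc.group("name") if proc else "?",
            pid=int(proc.group("pid")) if proc else None,
        ))
    return listeners


def unexpected_listeners(listeners: Iterable[Listener],
                         allowed: Set[int] = ALLOWED_PORTS) -> List[Listener]:
    """Return every listener whose port is not on the allowlist."""
    return [l for l in listeners if l.port not in allowed]


def live_ss_output() -> str:
    """Run ss on this host. -H no header, -l listening, -t TCP, -n numeric,
    -p owning process (process names for other users need root)."""
    return subprocess.run(["ss", "-Hltnp"], capture_output=True,
                          text=True, check=True).stdout


if __name__ == "__main__":
    import sys
    text = live_ss_output() if "--live" in sys.argv else SAMPLE_SS_OUTPUT
    for l in unexpected_listeners(parse_ss(text)):
        print(f"UNEXPECTED {l.addr}:{l.port} process={l.process} pid={l.pid}")
```

Run without arguments it works on the embedded sample and reports only the port 59000 `perl` listener; with `--live` it reads the real socket table. Running it from cron and diffing against a known-good list gives the kind of alert that would have flagged the backdoor on the day it appeared, regardless of whether the firewall was already dropping the port.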