We have been made aware of a remote exploit in Webmin 1.920 (latest) that would allow users to run arbitrary commands.
The function that is being exploited is related to the user password change that appears to be enabled by default. It is recommended that you disable that function and also temporarily disable password_change.cgi at the file system level until a patch has been released.
Please monitor the change log for updates:
http://www.webmin.com/changes.html
At the time of writing this, no patch has been issued to our knowledge!
============================================================
RACK911 Labs
1110 Palms Airport Drive, Suite 110
Las Vegas, NV 89119
1-855-RACK911
============================================================
UNSUBSCRIBE:
https://hostingseclist.us3.list-manage.com/unsubscribe?u=722bc323a024d15a407baae81&id=3d82a776ec&e=[UNIQID]&c=2513aed8e1
FORWARD EMAIL:
https://us3.forward-to-friend.com/forward?u=722bc323a024d15a407baae81&id=2513aed8e1&e=[UNIQID]
UPDATE PROFILE:
https://hostingseclist.us3.list-manage.com/profile?u=722bc323a024d15a407baae81&id=3d82a776ec&e=[UNIQID]&c=2513aed8e1