Flawed code traced to home build system, vulnerability can be attacked in certain configs
The maintainers of Webmin – an open-source application for system administration tasks on Unix-flavored systems – have released Webmin version 1.930 and the related Usermin version 1.780 to patch a vulnerability that can be exploited to achieve remote code execution in certain configurations.
Joe Cooper, one of the contributing developers, announced the patch in a blog post over the weekend.
"This release addresses CVE-2019-15107, which was disclosed earlier today," Cooper said. "We received no advance notification of it, which is unusual and unethical on the part of the researcher who discovered it. But, ..
Support the originator by clicking the read the rest link below.
