Bug Detected In Unix and Linux Admin Console

According to an advisory released by Gentoo, a bug in Usermin, a widely used Unix and Linux administration console, can allow malicious code to be executed by specially crafted e-mail. In addition, a bug in the installation script of Webmin and Usermin can allow local users to execute a symlink attack at installation. Security experts say the Usermin functionality, including the vulnerability, is included in the Webmin software, which is shipped with Linux distributions such as SuSE, Mandrake, and Gentoo. Users are advised to upgrade to the latest versions of Usermin and Webmin.


Leave a Reply