[Webmin-maintainers] Re: Webmin Remote Root Vulnerability
Patrick Winnertz
rap86 at gmx.de
Mon Apr 17 10:13:43 UTC 2006
Jaldhar H. Vyas schrieb:
> On Thu, 9 Mar 2006, Moritz Muehlenhoff wrote:
>
>> It is my understanding that this webmin vulnerabilitity was caused by
>> the generic format string flaw in perl. As we fixed perl in DSA-943 this
>> should be resolved. Can you confim, Jaldhar?
>>
>
> Yes I believe so. The big problem with the webmin packages is that I
> asked for them to be removed from the archive right around when that
> problem came up. (I wasn't properly maintaining them for a long time
> before, that's why I orphaned them.) So there hasn't been any
> responsible person chasing things like this down.
Jamie do you know if this bug is fixed in the newest webmin (or in the
webmin which is in the svn (1.150) ?
Do you know the original email? If not i can forward it to you.
mfg
Patrick
More information about the Webmin-maintainers
mailing list