VULHUB ™

Webmin is a web-based interface for system administration of Unix and Linux operating systems. It has been reported that authentication credentials for remote Webmin servers on the network are stored in plaintext by Webmin. With the proper file and directory permissions in place, this should not be an issue in and of itself. However, BugTraq ID 4328 "Webmin Insecure Directory Permissions Vulnerability" describes an issue which may potentially expose these credentials to local attackers. This vulnerability may also cause remote authentication credentials to be disclosed to a malicious administrator.

Webmin is a web-based interface for system administration of Unix and Linux operating systems. It has been reported that authentication credentials for remote Webmin servers on the network are stored in plaintext by Webmin. With the proper file and directory permissions in place, this should not be an issue in and of itself. However, BugTraq ID 4328 "Webmin Insecure Directory Permissions Vulnerability" describes an issue which may potentially expose these credentials to local attackers. This vulnerability may also cause remote authentication credentials to be disclosed to a malicious administrator.