VULHUB ™

Webmin is a web-based interface for system administration for Unix. During the execution of a custom command by the run.cgi script, a temporary file is created that is owned by root and world writable and executable. It is possible that an attacker could write to this file during the execution of the command, and cause arbitrary shell commands to be executed by root.

Webmin is a web-based interface for system administration for Unix. During the execution of a custom command by the run.cgi script, a temporary file is created that is owned by root and world writable and executable. It is possible that an attacker could write to this file during the execution of the command, and cause arbitrary shell commands to be executed by root.