[Dshield] Port 13000 ?

Mark Rowlands mark.rowlands at minmail.net
Fri Nov 1 14:49:06 GMT 2002


On Fri November 1 2002 14:18, Ed Truitt wrote:
> In http://www.kb.cert.org/vuls/id/AAMN-5BPLW6 (CERT Vulnerability Note
> 287771), it talks about a condition in webmin where if a webmin user can
> view print jobs, he/she can execute any command as root.  It also says
> there is a fix available, and directs the reader to
> http://www.webmin.com/updates.html for updates.  Note this applied to
> OpenBSD and NetBSD, not Linux.
>
> However, I can think of 2 potential issues with Webmin (and I used to use
> it myself):
>
> 1) If you don't set up your web server to use SSL, the passwords are being
> sent in clear text.  Since this is an administrative gateway to your
> system(s), it is probably NOT a good thing.
>
> 2) Do you REALLY need to admin your box across the Internet?  If not, think
> seriously about locking down access so that you can only get to Webmin from
> inside your local network.

Hhm, I wander if you could 

a) Startup webmin from a weblink and force it to shutdown when the logout / 
after x minutes or 
b) set  a link to a cgi to open up the webmin port, and then shutdown after x 
minutes.

Course, then you have the risk of someone getting fresh with those links.....
I just quickly whipped up a little cgi to switch off and on rules in my 
firewall and it works....but as to whether it is safe?






More information about the list mailing list