LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 08-21-2019, 11:49 PM   #1
JJJCR
Senior Member
 
Registered: Apr 2010
Posts: 1,636

Rep: Reputation: 277Reputation: 277Reputation: 277
Lightbulb Webmin - security


Hi guys, anyone seen this link: https://thehackernews.com/2019/08/we...y-hacking.html

Hackers Planted Backdoor in Webmin, Popular Utility for Linux/Unix Servers
 
Old 08-22-2019, 02:16 AM   #2
Skaperen
Senior Member
 
Registered: May 2009
Location: WV, USA
Distribution: Xubuntu, Slackware, Amazon Linux
Posts: 1,903
Blog Entries: 21

Rep: Reputation: 125Reputation: 125
Linux itself is too hard to hack so they have to use tricks like this to get in.
 
Old 08-22-2019, 06:59 AM   #3
greencedar
Member
 
Registered: Sep 2018
Location: Missouri
Distribution: Ubuntu 18.04 Bionic Beaver & Linux Mint 19.1 Tessa
Posts: 531
Blog Entries: 1

Rep: Reputation: 39
Thanks for the article. Webmin released a new, clean, version to take care of the problem.

Quote:
Webmin developers have now removed the malicious backdoor in its software to address the vulnerability and released the clean versions, Webmin 1.930 and Usermin version 1.780.
 
Old 08-22-2019, 08:57 AM   #4
Jan K.
Member
 
Registered: Apr 2019
Location: Esbjerg
Distribution: slackware...
Posts: 54

Rep: Reputation: 24
From link:

Turkish researcher Özkan Mustafa Akkuş publicly presented a zero-day remote code execution vulnerability in the Webmin at DefCon on August 10, without giving any advance notice to the affected project maintainers.

Now why would he do it that way?

From his ("I know Hack and I believe in Hak. So...You have no chance :/" ) website's whoAmI:

His purpose is to provide added value to the world of cyber security...

Which sounds all fine and well, but that's not really the proper way to do that, is it?
 
1 members found this post helpful.
Old 08-22-2019, 08:53 PM   #5
JJJCR
Senior Member
 
Registered: Apr 2010
Posts: 1,636

Original Poster
Rep: Reputation: 277Reputation: 277Reputation: 277
In the old days, you brag and tell the whole world you crack or hack something.

Nowadays, you keep quite and enjoy the ride. LOL.

Of course, it's better to Abstain from every form of wickedness and that includes unethical hacking.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Setup Apache so Webmin can be accessed like abc.com/webmin instead of abc.com:10000 rtoney5 Linux - Software 6 04-08-2010 12:33 PM
[SOLVED] Fail webmin install, E: Package webmin has no installation candidate cK` Linux - Newbie 10 04-07-2010 02:18 AM
webmin: missing /etc/init.d/webmin quarry_06 Debian 9 02-03-2007 09:55 AM
webmin troubles - Failed to write to /etc/webmin/module.infos.cache : No space left o coal-fire-ice Linux - Software 1 07-28-2005 10:08 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 08:38 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration