Vigil@nce - Webmin: privilege escalation via PHP Configuration/Webalizer
March 2014 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An authenticated attacker can use the PHP Configuration and
Webalizer modules of Webmin, in order to escalate his privileges.
Impacted products: Webmin
Severity: 2/4
Creation date: 14/03/2014
DESCRIPTION OF THE VULNERABILITY
An authenticated attacker can use the PHP Configuration and
Webalizer modules of Webmin, in order to escalate his privileges.
Technical details are unknown.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Webmin-privilege-escalation-via-PHP-Configuration-Webalizer-14425