Following the public disclosure of a critical zero-day vulnerability in Webmin last week, the project's maintainers today revealed that the flaw was not actually the result of a coding mistake made by the programmers.
Instead, it was secretly planted by an unknown hacker who successfully managed to inject a backdoor at some point in its build infrastructure—that surprisingly persisted into various releases of Webmin (1.882 through 1.921) and eventually remained hidden for over a year.
With over 3 million downloads per year, Webmin is one of the world's most popular open-source web-based applications for managing Unix-based systems, such as Linux, FreeBSD, or OpenBSD servers. ... Click Here
0732150500/7, 0703044000/7
KENET WEBSITE
