Hi Jim, > why is Webmin considered to be unsafe. I run it under Net::SSLeay
If you allow UDP packets to be received at the webmin port, then it's possible to pry webmin open and to gain full access. It requires the attacker to send customly and manually crafted packets and it requires some patience as it's not a 100% straightforward process. As far as I know there are no exploit scripts available yet, but I imagine that's just a matter of time. -- With best regards, Michael Stauber [EMAIL PROTECTED] Unix/Linux Support Engineer _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
