'A backdoor mechanism was found in Webmin, a popular web-based application used by system administrators to manage remote Unix-based systems, such as Linux, FreeBSD, or OpenBSD servers. The backdoor mechanism would allow a remote attacker to execute malicious commands with root privileges on the machine running Webmin. Once this machine is compromised, an attacker could then use it to launch attacks on the systems managed through Webmin. [...] According to one of the Webmin developers, the vulnerability was not the result of a coding mistake, but was actually "malicious code injected into compromised build infrastructure."' -- source: https://www.zdnet.com/article/backdoor-found-in-webmin-a-popular-web-based-u... Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/