Webmin - Security Warning

Submitted by Gast (nicht überprüft) on So, 03/04/2018 - 13:37

Macht Webmin-Referrer Check überhaupt Sinn? Durch FakeReferrer kann man es sowieso umgehen.

Security Warning     

Warning! Webmin has detected that the program https://1.2.3.4:10000/webmin/edit_themes.cgi was linked to from an unknown URL, which appears to be outside the Webmin server. This may be an attempt to trick your server into executing a dangerous command.

Make sure your browser is configured to send referrer information so that it can be verified by Webmin.

Alternately, you can configure Webmin to allow links from unknown referers by :

    Login as root, and edit the /etc/webmin/config file.
    Find the line referers_none=1 and change it to referers_none=0.
    Save the file.

WARNING - this has the side effect of opening your system up to reflected XSS attacks and so is not recommended!!

Neuen Kommentar schreiben

This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.