Users can cause root race condition (SECURITY)

Version 1.582

Bugfix
Finished

A root level issue was discovered that allows local Users to perform a certain action at a very specific time, skipping over a check that DirectAdmin had just performed. This could cause root files to be overwritten, resulting in damage to the system. This cannot be performed by an external attacker, and we have no known reports of any compromised systems. We strongly suggest updating as a means of neutralizing the threat. To prevent promoting this exploit and attracting attacks, further details will be released at a later date, to allow enough time for upgrades to complete. Credit: Bartosz Kwitniewski https://www.hekko.pl/

Interested to try DirectAdmin? Get a 30-day Free Trial!