JBMC DirectAdmin Vulnerability

MEDIUM (6.9) No Patch (6067 days)

Threat Intelligence

High Risk - Exploits exist
EPSS Score: 0.11% chance of exploitation (percentile: 30%)
🔍 Detection Tools: None available in major open-source tools
⚔️ Exploit Availability: Exploit-DB


What is it?

JBMC Software DirectAdmin is a web-based interface for managing Linux servers. It lets administrators perform tasks such as file management, user creation, and backups. The vulnerability lies in how the software handles symbolic links: it follows a symlink it encounters while writing, so an attacker who can place a symlink where DirectAdmin writes can make it create or overwrite an arbitrary file (a classic symlink attack).
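The file-write pattern behind this class of bug, shown as an added illustration that is not DirectAdmin's own code: a constructed scenario in a temporary directory where a user-controlled path holds a symlink to a protected file, a naive `open()` follows the link and clobbers the target, and a hardened writer using `O_NOFOLLOW` refuses. It assumes a POSIX system (Linux or macOS) where `os.O_NOFOLLOW` is available.

```python
import errno
import os
import tempfile


def naive_write(path: str, data: bytes) -> None:
    """The unsafe pattern: open() follows symlinks, so a link planted at
    `path` silently redirects the write to whatever the link points at."""
    with open(path, "wb") as fh:
        fh.write(data)


def safe_write(path: str, data: bytes) -> None:
    """Hardened write: O_NOFOLLOW makes the kernel refuse (ELOOP) when the
    final path component is a symlink. Note it only covers the last
    component; the enclosing directory must still be one the attacker
    cannot write to, or they can swap a parent directory for a link."""
    flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | os.O_NOFOLLOW
    fd = os.open(path, flags, 0o600)
    try:
        os.write(fd, data)
    finally:
        os.close(fd)


def demo() -> dict:
    """Constructed scenario: a 'protected' file plus a user-controlled
    directory holding a symlink named like the file a service would write."""
    with tempfile.TemporaryDirectory() as root:
        target = os.path.join(root, "protected.conf")
        with open(target, "wb") as fh:
            fh.write(b"original\n")
        user_dir = os.path.join(root, "user")
        os.mkdir(user_dir)
        planted = os.path.join(user_dir, "backup.tar.gz")
        os.symlink(target, planted)  # the attacker's planted link

        naive_write(planted, b"attacker-controlled\n")
        with open(target, "rb") as fh:
            after_naive = fh.read()  # target was overwritten

        with open(target, "wb") as fh:  # restore, then retry hardened
            fh.write(b"original\n")
        try:
            safe_write(planted, b"attacker-controlled\n")
            refused = False
        except OSError as exc:
            refused = exc.errno == errno.ELOOP
        with open(target, "rb") as fh:
            after_safe = fh.read()  # target untouched
    return {"after_naive": after_naive, "refused": refused, "after_safe": after_safe}
```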

Am I affected?

You're affected if you use JBMC Software DirectAdmin. Affected versions: 1.334. If you don't recognise this software, you're probably not affected.

Affected Products

JBMC Software / DirectAdmin

How to fix

To fix this vulnerability, upgrade to a newer version of JBMC DirectAdmin. If an immediate upgrade isn't possible, reduce exposure in the meantime:

  1. Restrict network access to your JBMC DirectAdmin instance (firewall it from the public internet) https://www.jbmc.com/knowledgebase/entries/100000001-How-to-firewall-JBMC-DirectAdmin-from-the-public-internet
  2. Audit admin account activity for suspicious access patterns https://www.jbmc.com/knowledgebase/entries/100000002-Audit-admin-account-activity-for-suspicious-access-patterns
  3. Monitor for unauthorized token creation https://www.jbmc.com/knowledgebase/entries/100000003-Monitor-for-unauthorized-token-creation