Webmin is a web-based system administration tool for Unix-like servers and services, with about 1,000,000 yearly installations worldwide.
Webmin and Virtualmin run a UDP service discovery listener, usually on port UDP/10000. The service answers any UDP request with the IP address and port on which the control panel is available. Because it answers unconditionally, it can be used to implement a Loop DoS attack (CVE-2024-2169 and related loop DoS advisories): UDP packets whose source IP:port is spoofed to be the discovery service of another Webmin instance make the two instances answer each other endlessly, which can lead to Denial of Service (DoS) and/or abuse of resources.

Fix: Users are recommended to upgrade to Webmin 2.202 or Virtualmin 7.20.2, which fix the issue.

Workaround: Block access to the UDP/10000 service from the Internet.

References:
https://webmin.com/
https://cispa.de/en/loop-dos
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2169

Credits: Alexander Chernenkov, Sergey Gordeychik, CyberOK
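A loop between two discovery services leaves a distinctive trace in flow logs: high-volume UDP traffic where both source and destination port are 10000, in both directions between the same pair of hosts. The script below, an added example that is not part of the advisory or of Webmin itself, flags such pairs in a constructed netflow-like text log (addresses are documentation ranges, the record format is assumed).

```python
"""Flag Webmin/Virtualmin discovery-port loops in UDP flow records (added example)."""
from collections import Counter

DISCOVERY_PORT = 10000  # Webmin/Virtualmin UDP service discovery port

# Constructed flow log, one record per line: src dst proto sport dport pkts.
# The format is assumed for this example; the hosts are documentation addresses.
SAMPLE_FLOWS = [
    "203.0.113.10 198.51.100.20 udp 10000 10000 4800",  # loop traffic, A -> B
    "198.51.100.20 203.0.113.10 udp 10000 10000 4795",  # loop traffic, B -> A
    "192.0.2.7 203.0.113.10 udp 51234 10000 1",         # ordinary discovery query
    "203.0.113.10 192.0.2.7 udp 10000 51234 1",         # its single reply
    "192.0.2.7 203.0.113.10 tcp 40000 10000 30",        # normal TCP traffic to the panel
]


def parse_flow(line):
    """Split one flow record into a dict with numeric ports and packet count."""
    src, dst, proto, sport, dport, pkts = line.split()
    return {"src": src, "dst": dst, "proto": proto.lower(),
            "sport": int(sport), "dport": int(dport), "pkts": int(pkts)}


def find_discovery_loops(lines, port=DISCOVERY_PORT, min_pkts=100):
    """Return sorted (host_a, host_b) pairs that exchanged at least min_pkts
    UDP datagrams from port `port` to port `port` in *both* directions.
    A legitimate discovery exchange uses an ephemeral client port and a single
    reply, so port/port traffic at volume is the loop signature."""
    per_direction = Counter()
    for line in lines:
        f = parse_flow(line)
        if f["proto"] != "udp" or f["sport"] != port or f["dport"] != port:
            continue
        per_direction[(f["src"], f["dst"])] += f["pkts"]
    loops = set()
    for (a, b), n in per_direction.items():
        if n >= min_pkts and per_direction.get((b, a), 0) >= min_pkts:
            loops.add(tuple(sorted((a, b))))
    return sorted(loops)


if __name__ == "__main__":
    for a, b in find_discovery_loops(SAMPLE_FLOWS):
        print(f"possible discovery loop between {a} and {b}: "
              f"block UDP/{DISCOVERY_PORT} at the network edge and upgrade")
```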