Dyad Security on Tuesday warned of a so-called "format string vulnerability" in Webmin, a Web-based administration utility written in Perl. An attacker could gain complete control over a server running the vulnerable software by exploiting this "new class" of flaw, the security research company said in an advisory.
"If remote code execution is successful, it would lead to a full remote root compromise in a standard configuration," according to the advisory.
