roundcube security bug
Moti Levy
levymoti at gmail.com
Mon Mar 9 07:54:50 PDT 2009
On 03/09/09 6:05 AM, Zbigniew Szalbot wrote:
> Hi there,
>
> On Mon, Mar 9, 2009 at 10:50, Ross Cameron<abalour at gmail.com> wrote:
>
>> Surely an attempted cracking attempt on you're server warrants making time?
>>
>
> It does.
>
>
>> Without detailed reports of issues like this how is the vendor expected to
>> correct the problem?
>> Avoiding installing the code is just a lazy workaround, helping the
>> author's will improve the general open source software ecosystem.
>>
>
> Like I said, I just lacked the time. I have notified the port
> maintainer though and intend to contact the author but I wish there
> was a simpler way then having to register first.
>
>
portaudit is always usefull
Affected package: roundcube-0.2.a,1
Type of problem: roundcube -- remote execution of arbitrary code.
Reference:
<http://www.FreeBSD.org/ports/portaudit/8f483746-d45d-11dd-84ec-001fc66e7203.html>
More information about the freebsd-questions
mailing list