Mandriva: Subject: [Security Announce] [ MDVSA-2008:193 ] kolab-server |
|
| BugsAlert Home > Mandriva: Subject: [Security Announce] [ MDVSA-2008:193 ] kolab-server | |
|
LinuxSecurity.com: Gavin McCullagh of Griffith College Dublin reported an issue in Kolab v1 where user passwords were being recorded in the Apache log files due to Kolab using HTTP GET requests rather than HTTP POST requests. This would allow any users with access to the Apache log files to harvest user passwords and possibly other sensitive data. The patch to fix this problem also corrects and issue where non-alphanumeric characters in passwords, set via the Kolab web interface, did not work. Original Source: http://www.linuxsecurity.com/content/view/142034?rdf Learn more about Mandriva: Subject: [Security Announce] [ MDVSA-2008:193 ] kolab-server |
|
|
Tags: mandriva subject security announce mdvsa-2008 193 kolab-server |
|
Related Items |
|
|
Latest VLC Patches Security Vulnerability, Fixes Other Bugs
|
|
|
Trojan.Win32.ConnectionServices.e
|
|
|
FrSIRT - Trend Micro ServerProtect Multiple Code Execution Vulnerabilities
|
|
|
FrSIRT - Slackware Security Update Fixes Amarok Temporary File Vulnerability
|
|
|
FrSIRT - SuSE Security Update Fixes Postfix Privilege Escalation Vulnerabilities
|
|
|
Bugtraq: [SECURITY] [DSA 1618-1] New ruby1.9 packages fix several vulnerabilities
|
|
|
CVE-2008-2815 (mymarket)
|
|
