Sicherheitspatch für ISPConfig 3.0.5.4p5 veröffentlicht

Dieses Thema im Forum "Allgemein" wurde erstellt von Till, 17. Apr. 2015.

  1. Till

    Till Administrator

    A XSS vulnerability has been found in the ISPConfig 3 module changer script.
    The vulnerability requires a valid user login to ISPConfig, unauthenticated
    users are not affected.

    Vulnerable versions:

    All recent ISPConfig 3 releases.

    Fix:

    A patch for ISPConfig 3.0.5.4p5 is available trough the ISPConfig patch tool.

    Patch Installation:

    Run the command:

    ispconfig_patch

    as root user on the shell and enter:

    3054_capp

    as patch code. The patch tool will download the patch from
    ispconfig.org and apply it.

    Credits:

    We thank Alain for informing us about this issue.
     
  2. F4RR3LL

    F4RR3LL Member

    Danke!
     

Diese Seite empfehlen