oss-sec mailing list archives

Re: Re: CVE for ISPConfig 3.0.4.3 "Add new Webdav user" can chmod and chown entire server from client interface

From: "ISPConfig.org - Till Brehm" <t.brehm () ispconfig org>
Date: Tue, 10 Apr 2012 17:42:34 +0200

> On 04/09/2012 04:42 AM, ISPConfig.org - Till Brehm wrote:
> > The contact info of the ispconfig project can be found here:
> >
> > http://www.ispconfig.org/imprint/
>
> Is there a security contact and PGP key for reporting serious issues?
> I was unable to find any security contact information on the website
> as previously stated.

Please use the email address on the page http://www.ispconfig.org/imprint/
for all kind of contact requests incl. security reports.

Regarding the issue that you reported to the oss-security list, thebugfix release

has been published today.

With kind regards,

Till Brehm
ISPConfig.org

--
ISPConfig UG (haftungsbeschränkt)
Ritterstrasse 21
21335 Lüneburg
Tel +49-4131-707771
Fax +49-4131-407175
Email info () ispconfig org
--

Current thread:

CVE for ISPConfig 3.0.4.3 "Add new Webdav user" can chmod and chown entire server from client interface Kurt Seifried (Apr 08)
- Re: CVE for ISPConfig 3.0.4.3 "Add new Webdav user" can chmod and chown entire server from client interface ISPConfig.org - Till Brehm (Apr 09)
  - Re: Re: CVE for ISPConfig 3.0.4.3 "Add new Webdav user" can chmod and chown entire server from client interface Kurt Seifried (Apr 09)
- Re: Re: CVE for ISPConfig 3.0.4.3 "Add new Webdav user" can chmod and chown entire server from client interface ISPConfig.org - Till Brehm (Apr 10)