Menu
▾
▴
Re: [Phphelpdesk-help] A hole about helpdesk..
|
From: alister a. <ali...@ut...> - 2001-11-20 02:03:58
|
Yes. And that's helpful. Unless you're a script kiddie wannabe, you would not do this. Do you not realise that it's self-evident that a program like this isn't immensely secure? Demo sites *aren't supposed* to have top security on them in any case, as otherwise the demo is somewhat limited. Further, it's polite to point out the security hole in a non-malicious way - emailing the sourceforge project leader would be one such way. Changing the password and attempting to hold the demo site to ransom is *not* one such way. It would be polite now to change the passwords back to their originals. If you want to secure your helpdesk system, you might want to restrict the IP addresses that can access it, and ensure a valid reverse lookup is performed. Regards, Alister At 02:58 AM 11/20/2001, tu...@tu... wrote: >I find a hole on your demo site..And I change all password to enter the >helpdesk..Please make warning to helpdesk users..If you need the password >I can send you..See you later.. >-- >_____________________________________________ >Merhaba bedava mail ve üyelik http://turks.i-p.com >BÝZE KATIL. > >Powered by Instant Portal > >_______________________________________________ >Phphelpdesk-help mailing list >Php...@li... >https://lists.sourceforge.net/lists/listinfo/phphelpdesk-help -- Alister Air Ph 9514 1277 IT Manager Fx 9514 1656 Faculty of Science, University of Technology Sydney "I will never apologize for the United States of America. I don't care what the facts are." George H Bush, 1988, after the U.S. warship Vincennes shot down an Iranian airliner in a commercial corridor, killing 290 civilians. |
