Menu
▾
▴
RE: [Phphelpdesk-help] A hole about helpdesk..
|
From: Kevin M. S. <sh...@cg...> - 2001-11-20 13:35:15
|
On Tue, 20 Nov 2001, Pim van Stam wrote: > I rather like to know what the leak exactly is and how to solve it. > Is it possible for anyone to tell? > I posted last week about one issue I discovered. If the issue is known about, and all default usernames/passwords are cleaned up properly, then I really isn't any way a user could get the access. The issue I discovered can be read in detail at: http://sourceforge.net/tracker/index.php?func=detail&aid=481678&group_id=5706&atid=205706 The issue of the demo site password being changed, was that the default usernames with default privileges were installed and unchanged. so anyone familiar with phphelpdesk would be able to guess it, and comprise the phphelpdesk demo. That's the extent of it really. All and all the software is sound. To follow the information posted on the url above, click on the "Browse" link near the top of the page, that will bring you to the index of posts for phphelpdesk. I hope this helps. -k |
